DNSSEC mailing list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Jakob Schlyter <jakob@crt.se>
Cc: Scott Rose <scottr@antd.nist.gov>, <dnssec@cafax.se>
From: Derek Atkins <warlord@MIT.EDU>
Date: 04 Sep 2001 13:19:03 -0400
In-Reply-To: Jakob Schlyter's message of "Tue, 4 Sep 2001 19:05:06 +0200 (MEST)"
Sender: owner-dnssec@cafax.se
Subject: Re: CERTificates and public keys

It's well known that 2535 needs updating.  We don't need APPKEY
to do it.

-derek

Jakob Schlyter <jakob@crt.se> writes:

> On 4 Sep 2001, Derek Atkins wrote:
> 
> > No, a KEY record should ONLY be used for DNSSec keys.  No application
> > keys should be put into KEY records.
> 
> rfc 2535 specifies that KEY is to be used for both applications and dnssec
> itself. my APPKEY draft changes this and recommends that KEY is deprecated
> for all other protocol values than dnssec.
> 
> 	jakob
> 

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available

Follow-Ups:
- Re: CERTificates and public keys
  - From: Jakob Schlyter <jakob@crt.se>

References:
- Re: CERTificates and public keys
  - From: Jakob Schlyter <jakob@crt.se>

Prev by Date: Re: CERTificates and public keys
Next by Date: Re: CERTificates and public keys
Prev by thread: Re: CERTificates and public keys
Next by thread: Re: CERTificates and public keys
Index(es):
- Date
- Thread

Home | Date list | Subject list