To:
Randy Bush <randy@psg.com>
Cc:
Derek Atkins <warlord@MIT.EDU>, dnssec@cafax.se
From:
Edward Lewis <lewis@tislabs.com>
Date:
Wed, 5 Sep 2001 11:55:37 -0400
In-Reply-To:
<E15eeng-000EEA-00@rip.psg.com>
Sender:
owner-dnssec@cafax.se
Subject:
Re: CERTificates and public keys
Just throwing this out...a new class. Application keys aren't "IN"ternet things. I'm not sure this would be a good idea, but thought I'd mention it. At 11:41 AM -0400 9/5/01, Randy Bush wrote: >> I've got a solution to that: nothing states that you can't delegate >> keys to another subdomain and host it on different servers. > >hmmm. interesting hack. have to think about > > o where to actually fork. i.e. one could make the extreme example > of a new root class. > > o trust issues, how closely bound one wants the app data with a > verifiable dnssec tree for the namespace > > o ... > >randy -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis NAI Labs Phone: +1 443-259-2352 Email: lewis@tislabs.com You fly too often when ... the airport taxi is on speed-dial. Opinions expressed are property of my evil twin, not my employer.