DNSSEC mailing list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Derek Atkins <warlord@MIT.EDU>
Cc: dnssec@cafax.se
From: Randy Bush <randy@psg.com>
Date: Wed, 05 Sep 2001 09:13:01 -0700
Sender: owner-dnssec@cafax.se
Subject: Re: CERTificates and public keys

>> o where to actually fork.  i.e. one could make the extreme example
>>   of a new root class.
> IMHO that would be extreme.

sorry.  i like to stretch it to be sure i am thinking all the way to the
edges, as getting out of the box is hard.

the point in this stretch is that, if the base worry is cluttering the dns
data, then splitting a class at the root blows that worry away.

then we have to ask, is this extreme needed.  just to further stretch the
mind, what if one traipsed down the IN tree until one wanted a key or cert,
and then one did a query to the same servers and domain using a KEY or CERT
class?

my apologies.  i know it's lunch time over there.  i am not really
advocating this, but trying to understand as much of the space as i can.

randy

References:
- RE: CERTificates and public keys
  - From: "Loomis, Rip" <GILBERT.R.LOOMIS@saic.com>
- RE: CERTificates and public keys
  - From: Randy Bush <randy@psg.com>
- Re: CERTificates and public keys
  - From: Derek Atkins <warlord@MIT.EDU>
- Re: CERTificates and public keys
  - From: Randy Bush <randy@psg.com>
- Re: CERTificates and public keys
  - From: Derek Atkins <warlord@MIT.EDU>

Prev by Date: Re: CERTificates and public keys
Next by Date: Re: CERTificates and public keys
Prev by thread: Re: CERTificates and public keys
Next by thread: Re: CERTificates and public keys
Index(es):
- Date
- Thread

Home | Date list | Subject list