To:
Simon Josefsson <simon+dnssec@josefsson.org>
Cc:
Ólafur Guðmundsson <ogud@ogud.com>, Derek Atkins <warlord@MIT.EDU>, Scott Rose <scottr@antd.nist.gov>, <dnssec@cafax.se>
From:
Jakob Schlyter <jakob@crt.se>
Date:
Thu, 6 Sep 2001 23:12:57 +0200 (MEST)
In-Reply-To:
<Pine.LNX.4.33.0109062223400.31671-100000@slipsten.extundo.com>
Sender:
owner-dnssec@cafax.se
Subject:
Re: CERTificates and public keys
On Thu, 6 Sep 2001, Simon Josefsson wrote: > If APPKEY is supposed to be CERT Done Right, which I think would be a nice > goal for it, should it repeat the presumed mistake of sub-typing? APPKEY does not _need_ sub-typing as it has fields both for protocol and version (per protocol). the APPKEY-draft does however specify that the owner name can match the SRV RR for the service, thus implementing sub-typing if needed. the reasons for doing this, e.g. large RRsets, should be documented in the next version of the draft. jakob