ietf-mailsig
[Top] [All Lists]

RE: QUERY: Key Server Choices

2005-07-26 06:28:05

--- "Hallam-Baker, Phillip" <pbaker(_at_)verisign(_dot_)com> wrote:

q=xkms

Ahhh. So we're talking about heavy-weight key fetching alternatives. I thought
the original discussion was about *optional* accreditation look-ups that were
additional to verification.

I would suggest something like an optional accreditation tag in either the
selector or whatever light-weight policy RR gets invented. I'd also like such a
tag to identify, in-band, the accreditation authority so that I can make some
decisions on whether to even bother with the accreditation fetch. Some random
URL doesn't meet that need.

I for one would not vote for a mechanism that could potentially result in my
inbound systems having to initiate a large number of heavy-weight key look-up
requests. And, if the sender can choose to send with q=xkms, that inbound
system load is quite a feasible scenario, in my mind.


Mark.


<Prev in Thread] Current Thread [Next in Thread>