ietf-mailsig

Re: QUERY: Key Server Choices

2005-07-26 10:10:38

wayne wrote:
In <Pine(_dot_)LNX(_dot_)4(_dot_)62(_dot_)0507260917350(_dot_)7476(_at_)sokol(_dot_)elan(_dot_)net> "william(at)elan.net" <william(_at_)elan(_dot_)net> writes:


On Tue, 26 Jul 2005 domainkeys-feedbackbase02(_at_)yahoo(_dot_)com wrote:


--- "Hallam-Baker, Phillip" <pbaker(_at_)verisign(_dot_)com> wrote:


q=xkms

Ahhh. So we're talking about heavy-weight key fetching alternatives.

What are your reasons for considering HTTP to be heavy-weight protocol?


I dunno about Mike, but I consider HTTP to be heavy-weight because an
HTTP GET transaction will likely be as costly in terms of both
bandwidth and latency as an SMTP transaction.

I assume "Mike" isn't me :) I don't think there's much question that
DNS is more lightweight than http, but DNS has a lot of limitations
that are wrapped up around its lightweightness. If we later need to
raise the bar to have crypto based authentication of the RR's, it
equalizes the considerations quite a bit, and for reasons that aren't
strictly in terms of number of packets on the wire or bit bloat in
the underlying protocol. But these considerations are complex and not
very well understood at this point which is why I'm rather hesitant
about trying to give solutions for future problems that haven't been
well defined. If we end up needing a makeover for key serving, I'd
rather we not be distracted by any legacy -- and most likely failed --
attempts.

                Mike

