[Top] [All Lists]

Re: [ietf-smtp] [OT] (signed TLDs)

2019-10-15 14:11:13
On Tuesday 15 October 2019 18:52:18 CEST, Hector Santos wrote:
I wish I understood more of this discussion and "basic problem," if any,

It's this: if someone were to tell the .com registry that starting immediately, they wish to sign domain and will the .com registry please include the necessary RRs in .com, how would the .com registry know whether to trust that someone?

Once the domain is signed and the records are in .com, there's a fine mechanism that anyone can use to check whether that someone actually controls But what about the initial inclusion of the signature-related records in the .com zone?

There are ways, sometimes at least. For example, if it's done when the domain is initially registered, then it's clear that the registrant actually is the registrant. But initiating trust is a difficult problem if you want to solve it generally.


ietf-smtp mailing list