Re: Global PKI on DNS?

In message 
<1023578283(_dot_)18618(_dot_)13(_dot_)camel(_at_)flinux(_dot_)sopac(_dot_)org(_dot_)fj>,
 Franck Martin write
s:


--=-1oDXxRUK6t5l82vmGc/e
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

Here is a sample certificate... which is less than 2kB long...

DNS protocol uses mainly udp, which I think can handle this size...

You can know what it means by using the command (I think):


DNS packets are limited to 512 bytes.  Few MTUs are larger than 1500.

Anyway -- the concept is called "appkeys", and has been discussed in 
the dnsext working group.  Check the archives.

Oh yes -- x.509 isn't the only way to do certificates.

                --Steve Bellovin, http://www.research.att.com/~smb (me)
                http://www.wilyhacker.com ("Firewalls" book)

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Global PKI on DNS?, (continued) Re: Global PKI on DNS?, Keith Moore Re: Global PKI on DNS?, Michael StJohns Re: Global PKI on DNS?, Keith Moore Re: Global PKI on DNS?, Valdis . Kletnieks Re: Global PKI on DNS?, Keith Moore Re: Global PKI on DNS?, Valdis . Kletnieks Re: Global PKI on DNS?, Franck Martin Re: Global PKI on DNS?, Keith Moore class E address, Nguyen Thi Mai Trang Re: Global PKI on DNS?, Valdis . Kletnieks Re: Global PKI on DNS?, Steven M. Bellovin <= Re: Global PKI on DNS?, Mats Dufberg Re: Global PKI on DNS?, David Conrad Re: Global PKI on DNS?, Steven M. Bellovin Re: Global PKI on DNS?, David Conrad Re: Global PKI on DNS?, Johnny Eriksson Re: Global PKI on DNS?, James Seng RE: Global PKI on DNS?, Christian Huitema Re: Global PKI on DNS?, John Stracke Re: Global PKI on DNS?, Peter Deutsch Re: Global PKI on DNS?, Keith Moore

Previous by Date:	Re: Global PKI on DNS?, Franck Martin
Next by Date:	Re: Global PKI on DNS?, Mats Dufberg
Previous by Thread:	Re: Global PKI on DNS?, Valdis . Kletnieks
Next by Thread:	Re: Global PKI on DNS?, Mats Dufberg
Indexes:	[Date] [Thread] [Top] [All Lists]