on 6/8/2002 8:54 PM Simon Josefsson said the following:
Despite the FUD presented by certain individuals that doesn't want
keys/certs in DNS, people have already tarted doing it and it works
fine.
Setting aside the issue of whether or not people are spreading FUD,
perhaps you could tell us about your setup. How homogenous were the
applications and operating systems that requested the certs? What resolver
calls did you use? What other RRs were bound to the owner names? How many
delegation entries did you provide along with the data and what was the
message size without the certs? How big were the certs? Did any of the
lookups overflow, and did everything support TCP fallback? and finally, do
you think that the answers will be the same for all nodes across the
global namespace?
--
Eric A. Hall http://www.ehsco.com/
Internet Core Protocols http://www.oreilly.com/catalog/coreprot/