Re: Global PKI on DNS?

A modest, realistic ambition for a DNS-based PKI would be to improve
the security of the binding between DNS entries and the associated
machines


yes, I think this is right.  it eliminates some kinds of threats. but 
it still doesn't guarantee that you're talking to the service you think 
you're talking to. and that's a difficult distinction to communicate 
to users.

that and putting this much trust in the registries makes them very
attractive targets.

Keith

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Global PKI on DNS?, (continued) Re: Global PKI on DNS?, Ed Gerck Re: Global PKI on DNS?, Einar Stefferud Re: Global PKI on DNS?, Stephen Kent Re: Global PKI on DNS?, Einar Stefferud Re: Global PKI on DNS?, Chris Evans Re: Global PKI on DNS?, Alex Audu Re: Global PKI on DNS?, Stephen Kent a nit, Re: Global PKI on DNS?, Ed Gerck Re: Global PKI on DNS?, Keith Moore Re: Global PKI on DNS?, Stephen Kent Re: Global PKI on DNS?, Keith Moore <= Re: Global PKI on DNS?, Stephen Kent Re: Global PKI on DNS?, Harald Koch Re: Global PKI on DNS?, Stephen Kent Re: Global PKI on DNS?, Keith Moore Re: Global PKI on DNS?, Ed Gerck Re: Global PKI on DNS?, Stephen Kent Re: Global PKI on DNS?, Ed Gerck Re: Global PKI on DNS?, Stephen Kent Re: Global PKI on DNS?, Ed Gerck Re: Global PKI on DNS?, Eric Rescorla

Previous by Date:	Re: Global PKI on DNS?, Stephen Kent
Next by Date:	Re: Global PKI on DNS?, Ed Gerck
Previous by Thread:	Re: Global PKI on DNS?, Stephen Kent
Next by Thread:	Re: Global PKI on DNS?, Stephen Kent
Indexes:	[Date] [Thread] [Top] [All Lists]