Re: [resend] Use of DNS to distribute keys

pem-dev

Re: [resend] Use of DNS to distribute keys

1993-09-25 06:51:00

kaufman(_at_)zk3(_dot_)dec(_dot_)com says:

This discussion came late to pem-dev, and it could be I'm missing some
crucial context.  But let me throw in some thoughts:

1) There is little to be gained by storing certificates of on-line
entities in DNS because it is just as easy to ask the entity for its
certificate(s).


But HOW do you ask the entities for their certificates? DNS is a nice
existing mechanism by which you can do the asking.


It should also be noted that, in doing so, the entire DNS tree need not
be so secure.

If some leaf host needs some security level, only the upper level name
servers of the DNS tree needs to be as secure as the leaf host.

                                                Masataka Ohta

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [resend] Use of DNS to distribute keys, Robert W. Shirey Re: [resend] Use of DNS to distribute keys, Carl Ellison Re: [resend] Use of DNS to distribute keys, Robert W. Shirey Re: [resend] Use of DNS to distribute keys, Derek Atkins Re: [resend] Use of DNS to distribute keys, Brad Huntting Re: [resend] Use of DNS to distribute keys, kaufman Re: [resend] Use of DNS to distribute keys, Perry E. Metzger Re: [resend] Use of DNS to distribute keys, Masataka Ohta <= Re: [resend] Use of DNS to distribute keys, kaufman Re: [resend] Use of DNS to distribute keys, Perry E. Metzger Re: [resend] Use of DNS to distribute keys, Beast (Donald E. Eastlake, 3rd) Re: [resend] Use of DNS to distribute keys, smb Re: [resend] Use of DNS to distribute keys, smb

Previous by Date:	Re: Chance to fix X.509, Hoyt Kesterson
Next by Date:	bounced msg, David I. Dalva
Previous by Thread:	Re: [resend] Use of DNS to distribute keys, Perry E. Metzger
Next by Thread:	Re: [resend] Use of DNS to distribute keys, kaufman
Indexes:	[Date] [Thread] [Top] [All Lists]