pem-dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

bounced msg

1993-09-27 12:48:00
from [David I. Dalva] [Permanent Link] 
   ----- Unsent message follows -----
Received: by us3rmc.bb.dec.com; id AA06015; Thu, 16 Sep 93 12:37:35 -0700
Received: by inet-gw-1.pa.dec.com; id AA29545; Thu, 16 Sep 93 12:37:37 -0700
Received: from magellan.tis.com by magellan.TIS.COM id aa24413;
          16 Sep 93 15:12 EDT
Received: from tis.com by magellan.TIS.COM id aa24409; 16 Sep 93 15:10 EDT
Received: from azalea.tis.com by TIS.COM (4.1/SUN-5.64)
        id AA20852; Thu, 16 Sep 93 15:09:55 EDT
Received: by azalea.tis.com; id AA03304; Thu, 16 Sep 93 15:08:35 EDT
Received: from mit.mit.edu/18.72.2.1 via smap
Received: from toxicwaste.media.mit.edu by MIT.EDU with SMTP
        id AA09662; Thu, 16 Sep 93 14:59:20 EDT
Received: by toxicwaste.MEDIA.MIT.EDU (5.61/4.7) id AA14776; Thu, 16 Sep 93 14:
59:17 -0400
Message-Id: 
<9309161859(_dot_)AA14776(_at_)toxicwaste(_dot_)MEDIA(_dot_)MIT(_dot_)EDU>
To: "Robert W. Shirey" <shirey(_at_)mitre(_dot_)org>
Cc: ipsec(_at_)ans(_dot_)net, namedroppers(_at_)nic(_dot_)ddn(_dot_)mil, 
pem-dev(_at_)tis(_dot_)com
Subject: Re: [resend] Use of DNS to distribute keys
In-Reply-To: Your message of Thu, 16 Sep 93 12:53:00 -0500.
             
<9309161647(_dot_)AA29200(_at_)smiley(_dot_)mitre(_dot_)org(_dot_)sit>
Date: Thu, 16 Sep 93 14:59:14 EDT
From: Derek Atkins <warlord(_at_)mit(_dot_)edu>


That was not my question.  My question was

         What assurance features or mechanisms are going to be used
         throughout the DNS that will make all of us trust all of
         those servers for all of our applications?


It doesn't matter.  You take the certificate you get back from the
server and do a cryptographic check back to the root key.  That is a
known problem (How do you trust a key that someone sends to you in the
mail anyways?  Same method!)

The biggest problem, currently, is getting DNS to deliver such large
pieces of data.  That seems to be the more pressing problem.  We
solved certificate verification in the creation of certificates.

- -derek

         Derek Atkins, SB '93 MIT EE, G MIT Media Laboratory
     Secretary, MIT Student Information Processing Board (SIPB)
            warlord(_at_)MIT(_dot_)EDU       PP-ASEL        N1NWH


------- End of Forwarded Message
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  bounced msg, David I. Dalva
Next by Date:  bounced msg, David I. Dalva
Previous by Thread:  bounced msg, David I. Dalva
Next by Thread:  bounced msg, David I. Dalva
Indexes:  [Date] [Thread] [Top] [All Lists]