-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Brad Knowles wrote:
Jeroen Massar wrote:
It is more a 'separation' question I am asking, so that one has a
subzone for these records, which will allow one to have say 3
nameservers, which are registered at the tld servers thus can't
easily be changed, for example.org but have 20, which you stuff in
example.org, handling the load for _certs.example.org where the CERTS
are stored. It's a choice item giving the possility of doing it.
Flat databases don't scale. We know this. This is why we no
longer use HOSTS.TXT, but instead use the hierarchical DNS.
Not really. The real problem with HOSTS.TXT wasn't that it is flat, but
that it is decentralized. Rsync'ing it from a central register might have
been viable (though not very elegant). Thankfully we ended up with DNS
anyway.
I have yet to be convinced that cryptographically signing each
and every message that passes through the server can be scalable in
any common sense of the word, but at least that's a different problem
which might be addressable through custom hardware.
Signing each and every message may be slow, but slow doesn't imply
unscalable. You can still use n times the MTAs and be n times faster.
That scales very well, actually.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFENO+FwL7PKlBZWjsRArm4AJ9ZzTC7s3zKyE2AJoUBocAajAF20QCcCJsb
B9jxuiOaIBkBx0AI3XYku7E=
=sbK+
-----END PGP SIGNATURE-----
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com