On Jun 8, 2002, 09:22 (-0400) Steven M. Bellovin <smb@research.att.com> wrote: > >Here is a sample certificate... which is less than 2kB long... > > > >DNS protocol uses mainly udp, which I think can handle this size... > > > >You can know what it means by using the command (I think): > > > > DNS packets are limited to 512 bytes. Few MTUs are larger than 1500. If the response requires a larger packet, the query has to be repeated with TCP, which is more costly. > Anyway -- the concept is called "appkeys", and has been discussed in > the dnsext working group. Check the archives. > > Oh yes -- x.509 isn't the only way to do certificates. For certificates you could use CERT records. Mats ---------------------------------------------------------------------- Mats Dufberg <dufberg@nic-se.se> ----------------------------------------------------------------------