Re: Global PKI on DNS?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




on 6/8/2002 8:54 PM Simon Josefsson said the following:

> Despite the FUD presented by certain individuals that doesn't want
> keys/certs in DNS, people have already tarted doing it and it works
> fine.

Setting aside the issue of whether or not people are spreading FUD,
perhaps you could tell us about your setup. How homogenous were the
applications and operating systems that requested the certs? What resolver
calls did you use? What other RRs were bound to the owner names? How many
delegation entries did you provide along with the data and what was the
message size without the certs? How big were the certs? Did any of the
lookups overflow, and did everything support TCP fallback? and finally, do
you think that the answers will be the same for all nodes across the
global namespace?

-- 
Eric A. Hall                                        http://www.ehsco.com/
Internet Core Protocols          http://www.oreilly.com/catalog/coreprot/


[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]