Re: Global PKI on DNS?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: "John Stracke" <jstracke@incentivesystems.com>
Subject: Re: Global PKI on DNS?
From: Simon Josefsson <simon+keydist@josefsson.org>
Date: Thu, 13 Jun 2002 21:22:56 +0200
Cc: Franck Martin <Franck@sopac.org>, ietf <ietf@IETF.ORG>, isdf@isoc.org, Key Distribution <keydist@cafax.se>, openssl-users@openssl.org, owner-ietf@IETF.ORG
In-reply-to: <OF4A931F67.FFE1C8BB-ON85256BD7.004D98DC@incentivesystems.com> ("JohnStracke"'s message of "Thu, 13 Jun 2002 10:08:49 -0400")
Sender: owner-ietf@IETF.ORG
User-agent: Gnus/5.090007 (Oort Gnus v0.07) Emacs/21.2.90(i686-pc-linux-gnu)

"John Stracke" <jstracke@incentivesystems.com> writes:

>>The CERT extension to DNS allows to place there a URI, a URI is smaller
> than
>>a cert and stays in a udp packet.
>
> Bootstrap problem: how can you trust the results of the URI?

The URI can contain a hash (fingerprint) of the target data.  C.f. TLS
extensions document.

References:
- RE: Global PKI on DNS?
  - From: John Stracke

Prev by Date: Re: Global PKI on DNS?
Next by Date: Re: Global PKI on DNS?
Previous by thread: RE: Global PKI on DNS?
Next by thread: Re: Global PKI on DNS?
Index(es):
- Date
- Thread

[Index of Archives] [IETF Annoucements] [IETF] [IP Storage] [Yosemite News] [Linux SCTP] [Linux Newbies] [Fedora Users]