[prev in list] [next in list] [prev in thread] [next in thread]
List: pgp-keyserver-folk
Subject: Re: DNSsec as replacement for key servers?
From: Derek Atkins <warlord () mit ! edu>
Date: 1998-04-29 20:32:49
[Download RAW message or body]
What we'd need to do is just define our own KEY type parameter.. Just
define a PGP KEY for DNSSEC, which is the full PGP Key Certificate
(Plus PGP Sigs)....
-derek
Marcel Waldvogel <mwa@tik.ee.ethz.ch> writes:
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> For a long time, I've been under the impression that DNSsec would
> provide a way to fully decentralize keyservers.
>
> Now, I've looked at the drafts in more detail, and have found out
> that there is a way to incorporate RSA and DSA keys and signatures
> on these keys, but there is (currently) no way to add a more complex
> structure (i.e. all the information that will soon be found in the
> keys, such as expiry date, preferred algorithm, ...).
>
> So my assumption is now that PGP keys are a long way from being
> able to get incorporated into DNS, although they are "basically"
> mappable to it (but signatures will fail, because they also cover
> information not in DNS). Is this true? Has anyone thought to bring
> that forward in the DNSsec workgroup?
> (I haven't been following DNSsec at all)
>
> - -Marcel
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.3ia
> Charset: next
>
> iQCVAwUBNUcUnOq7ynKGIBQHAQHThgP/T1VEsjHm9YLNS1sW0aw9gc4xQf2MD3AM
> zPn+5Rn5yGWqdVw7zV1lYQFqVHfqzQfDK7Eb/nNwvEVS+v71tEgTZ2ei8FTfx9CX
> zKwwl1eGW3Xgqqbz/We+iEz4DsWzvsnJHBbLotLXrzBpowF/mZkkN8xcJ8rp70oZ
> u440+WDTFdo=
> =Ir47
> -----END PGP SIGNATURE-----
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL N1NWH
warlord@MIT.EDU PGP key available
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic