17 Dec
2003
17 Dec
'03
11:17 p.m.
Don Eastlake has actually done a draft RFC on using the DNS for key distribution. It may be found at ftp://ietf.cnri.reston.va.us/internet-drafts/draft-ietf-dnssec-secext-04.txt He briefed the W3C security working group about this recently, and a number of people raised objections, notably * database bloat * zone transfer bloat * increased hits on root servers due to a new class of inquiry. There was some discussion as to whether these were valid objections, and the people running prototype code said they had had no problems. Peter Trei Senior Software Engineer Purveyor Development Team Process Software Corporation trei@process.com