17 Dec 2003, 11:17 p.m.
Matthew Ghio writes:
> sdw@lig.net (Stephen D. Williams) wrote:
> > I really like the idea of using DNS for (public I assume) keys...
>
> I don't.
> Public keys in the DNS is a bad idea because it makes it difficult to update the database, especially in large organizations.

That's one of a number of reasons why the DNS dynamic update facility has been created.

> The host should be able to give its own key in response to a query.

What makes you assume we are using hosts as the keyed endpoints in the usual case? Users are also getting keys, and querying them will be difficult until humans all come equipped with implanted radio transmitters. See "The President's Analyst" for a possible solution to that problem, but I prefer DNS :-)

Perry