Donald Eastlake posted this on the IAHC-discuss list. Cool stuff.

Date: Wed, 12 Feb 1997 10:14:05 -0500 (EST) From: "Donald E. Eastlake 3rd" <dee@cybercash.com> To: iahc-discuss@iahc.org Subject: Security (Re: Encryption for DNS registration)

People may want to note that yesterday (Feb 11th) the IESG approved the DNS dynamic update and DNS secure dynamic update (draft-ietf-dnssec-update-04.txt and draft-ietf-dnsind-dynDNS-11.txt) as Proposed Standards. The base DNS security protocol was approved some time ago and is now out as RFC 2065. TIS is working on a government funded implementation which will be in the public domain (http://www.tis.com/docs/research/network/dns.html). Their current Beta implementation of the base DNS security has been approved for export. I believe there is an independent implementation effort underway at Microsoft.

While this was primarily motived by wanting to be able to securely do dynamic updates of the DNS in connection with DHCP, it is a general facility and could be one element of securely implenmeting a shared TLD. You would, however, still need a way of sending general authenticated messages. PGP seems like an excellent candidate for this as it is the de-facto standard available world wide.

Donald

[ quotes from previous messages deleted -- Bill ]

===================================================================== Donald E. Eastlake 3rd +1 508-287-4877(tel) dee@cybercash.com 318 Acton Street +1 508-371-7148(fax) dee@world.std.com Carlisle, MA 01741 USA +1 703-620-4200(main office, Reston, VA) http://www.cybercash.com http://www.eff.org/blueribbon.html