IPSEC goes to RFC
Peter Trei
trei
Fri Aug 11 06:51:35 PDT 1995
Don Eastlake has actually done a draft RFC on
using the DNS for key distribution.
It may be found at
ftp://ietf.cnri.reston.va.us/internet-drafts/draft-ietf-dnssec-secext-04.txt
He briefed the W3C security working group about
this recently, and a number of people raised objections, notably
* database bloat
* zone transfer bloat
* increased hits on root servers due to a new class of inquiry.
There was some discussion as to whether these were valid objections,
and the people running prototype code said they had had no problems.
Peter Trei
Senior Software Engineer
Purveyor Development Team
Process Software Corporation
trei at process.com
More information about the cypherpunks-legacy
mailing list