IPSEC goes to RFC

Peter Trei trei
Fri Aug 11 06:51:35 PDT 1995


Don Eastlake has actually done a draft RFC on
using the DNS for key distribution.

It may be found at 

ftp://ietf.cnri.reston.va.us/internet-drafts/draft-ietf-dnssec-secext-04.txt

He briefed the W3C security working group about
this recently, and a number of people raised objections, notably

* database bloat
* zone transfer bloat
* increased hits on root servers due to a new class of inquiry.

There was some discussion as to whether these were valid objections,
and the people running prototype code said they had had no problems.


Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
trei at process.com






More information about the cypherpunks-legacy mailing list