[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: DNS Security

To: Steve Kent <kent@BBN.COM>
Subject: Re: DNS Security
From: Christian Huitema <Christian.Huitema@sophia.inria.fr>
Date: Mon, 10 May 93 17:31:37 +0200
Cc: Ran Atkinson <atkinson@itd.nrl.navy.mil>, Kent@itd.nrl.navy.mil, Steve@itd.nrl.navy.mil, ipsec@ans.net, namedroppers@nic.ddn.mil
In-Reply-To: Your message of "Mon, 10 May 93 10:01:31 EDT." <9305101401.AA26738@nic.ddn.mil>

Steve,

One can in fact apply the "end to end argument" here. As the source of the
data is not the DNS but some user admin, then the records of a secure 
DNS should be signed by this admin, not the DNS server. 

This is exactly what is done for "certificates"...

Christian Huitema

Follow-Ups:

Re: DNS Security

From: Steve Kent <kent@BBN.COM>

Prev by Date: Re: DNS Security
Next by Date: Re: DNS Security
Prev by thread: Re: DNS Security
Next by thread: Re: DNS Security
Index(es):
- Main
- Thread