[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Design] Re: opportunistic encryption deployment problems
>>>>> "Jakob" == Jakob Schlyter <jakob@crt.se> writes:
Jakob> On Fri, 31 Aug 2001, Michael Richardson wrote:
>> In the meantime, we can publish lists of secure zones with contact
>> information and do PGP-like web-of-trust stuff.
Jakob> you can not do PGP-like web-of-trust within DNSsec as all signatures needs
Jakob> to be strictly hierarchical.
Yes, that is true.
But, if one assumes that one has a forest rather than a tree, then one can
do web-of-trust like things on the "root" keys. Whether one does this with
PGP signatures or using DNSsec signatures is a different question.
Jakob> or do you mean distributing lists of secure
Jakob> zones together with their public keys using PGP?
So, the answer is "yes"
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another NetBSD/notebook using, kernel hacking, security guy"); [
References: