[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[IPSECKEY] Re: I-D ACTION:draft-richardson-ipsec-rr-01.txt



-----BEGIN PGP SIGNED MESSAGE-----


>>>>> "Jakob" == Jakob Schlyter <jakob@crt.se> writes:
    Jakob> On Fri, 17 Jan 2003 Internet-Drafts@ietf.org wrote:

    >> Title		: A method for storing IPsec keying material in DNS
    >> Author(s)	: M. Richardson
    >> Filename	: draft-richardson-ipsec-rr-01.txt
    >> Pages		: 6
    >> Date		: 2003-1-16

    Jakob> may I suggest that IPSECKEY requests type 45 as SSHFP requests type 44.
    Jakob> I'm not saying that we should do IANAs work, but some syncronization could
    Jakob> be useful.

  Sure, I'll put that in -02. I was told that it is easiest if you "suggest"
a value. 

    Jakob> the file representation could be simplier. I propose that we use a integer
    Jakob> value for the public key algorithm instead of the literal 'RSA:'. other
    Jakob> than that, I like the RDATA format - it's simple and clean.

  I'm not crazy about magic numbers. The KEY presentation format's hex
sub-type was already pretty obscure. Certainly, I would agree that use of an
integer should be legal - you can't add new algorithm types easily otherwise.

]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBPighiIqHRg3pndX9AQHuNAQAjfEtQ6gLfO3M1HVjuRJyjUVvS0bCjpgO
rt6rY8w8KJi61yj14hryb7VLayfJVysWr8J97jTIj5o3vc3bzG3zj5PfdIp0DvcM
kdS0AlmJwJtWMfCcM7hbyt3iVvtv3R0tS23rONGTMjiDtHX60fKnwKkqKNceyIP7
qtTTNHm+KyI=
=nlgo
-----END PGP SIGNATURE-----
-
This is the IPSECKEY@sandelman.ca list.
Email to ipseckey-request@sandelman.ca to be removed.