IETF Logo Mail Archive

Re: [TLS] [saag] [pkix] Cert Enumeration and Key Assurance With DNSSEC

Peter Gutmann <pgut001@cs.auckland.ac.nz> Wed, 06 October 2010 15:22 UTC

Return-Path: <pgut001@cs.auckland.ac.nz>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8742A3A7115; Wed, 6 Oct 2010 08:22:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.428
X-Spam-Level:
X-Spam-Status: No, score=-3.428 tagged_above=-999 required=5 tests=[AWL=0.171, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lEJkXRspUAvw; Wed, 6 Oct 2010 08:22:27 -0700 (PDT)
Received: from mx2-int.auckland.ac.nz (mx2-int.auckland.ac.nz [130.216.12.41]) by core3.amsl.com (Postfix) with ESMTP id D5C853A7148; Wed, 6 Oct 2010 08:22:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=auckland.ac.nz; i=pgut001@cs.auckland.ac.nz; q=dns/txt; s=uoa; t=1286378608; x=1317914608; h=from:to:subject:in-reply-to:message-id:date; z=From:=20Peter=20Gutmann=20<pgut001@cs.auckland.ac.nz> |To:=20dnsop@ietf.org,=20mstjohns@comcast.net,=20pkix@iet f.org,=20saag@ietf.org,=0D=0A=20=20=20=20tls@ietf.org |Subject:=20Re:=20[saag]=20[pkix]=20[TLS]=20Cert=20Enumer ation=20and=20Key=20Assurance=20With=20DNSSEC |In-Reply-To:=20<20101004182935.9E23A3A705F@core3.amsl.co m>|Message-Id:=20<E1P3Vq1-0000V9-Gc@wintermute02.cs.auckl and.ac.nz>|Date:=20Thu,=2007=20Oct=202010=2004:23:25=20+1 300; bh=fwqRS7JTQ84AaGuNs6ko3D2cytteAbjqJpC+ki2mA50=; b=WfY0vcIRy09TgoTI5wTSIVU1hutsqzo1dPZwuOAELQMQy4gZKQ37P30L t0FrMtbf1drNNMQRt1S/6SY85ccBh1iABWREi9WXrcTtBVjVQjqfgIwN3 dQWj0ARIvML4EsgOdQAeh0cxpy0tSJfCjDQSTnRQPwySZhNJIpOP08Pej c=;
X-IronPort-AV: E=Sophos;i="4.57,290,1283688000"; d="scan'208";a="30004051"
X-Ironport-HAT: UNIVERSITY - $RELAY-THROTTLE
X-Ironport-Source: 130.216.207.92 - Outgoing - Outgoing
Received: from wintermute02.cs.auckland.ac.nz ([130.216.207.92]) by mx2-int.auckland.ac.nz with ESMTP/TLS/AES256-SHA; 07 Oct 2010 04:23:25 +1300
Received: from pgut001 by wintermute02.cs.auckland.ac.nz with local (Exim 4.69) (envelope-from <pgut001@cs.auckland.ac.nz>) id 1P3Vq1-0000V9-Gc; Thu, 07 Oct 2010 04:23:25 +1300
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: dnsop@ietf.org, mstjohns@comcast.net, pkix@ietf.org, saag@ietf.org, tls@ietf.org
In-Reply-To: <20101004182935.9E23A3A705F@core3.amsl.com>
Message-Id: <E1P3Vq1-0000V9-Gc@wintermute02.cs.auckland.ac.nz>
Date: Thu, 07 Oct 2010 04:23:25 +1300
Subject: Re: [TLS] [saag] [pkix] Cert Enumeration and Key Assurance With DNSSEC
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Oct 2010 15:22:29 -0000

Michael StJohns <mstjohns@comcast.net> writes:

>DNSSEC seems to be picking on PKIX and vice versa - maybe the right answer is
>both?

Maybe the right answer is a paddling pool full of jello and Marquess of
Queensberry rules?

Peter (just adding to the available options a bit).

v2.23.0 | Report a Bug | By Email