Re: Global PKI on DNS?

To: Einar Stefferud <stef at nma.com>
Subject: Re: Global PKI on DNS?
From: Stephen Kent <kent at bbn.com>
Date: Thu, 13 Jun 2002 09:47:42 -0400
Cc: ietf <ietf at ietf.org>
In-reply-to: <v04220818b92ddfce4d1b@[192.168.1.14]>
References: <D9E0SFBURDA5LIJE0443LF4Z31C31.3d082370@www> <v04220818b92ddfce4d1b@[192.168.1.14]>
Sender: owner-ietf at ietf.org

At 10:42 PM -0700 6/12/02, Einar Stefferud wrote:

May I suggest that someone do a little work on proving the trust is transitive, as that is what this is really all about, and if it turns out that trust in not transitive, then what was the point?

Maybe if you ask Google about trust transitivity, you all might learn something;-)...
Cheers..Stef
PS:  I trimmed the address list to just IETF;-)...\s


Stef,

Trust generally is not transitive, but cert chains are not about transitive trust. The DNS is a hierarchy with clear lines of authority for name spaces. A PKI modeled on the DNS would parallel the existing hierarchy and merely codify the relationships expressed by it in the form of public key certs.

Steve

Follow-Ups:
- Re: Global PKI on DNS?
  - From: Keith Moore
- a nit, Re: Global PKI on DNS?
  - From: Ed Gerck
- Re: Global PKI on DNS?
  - From: Einar Stefferud

References:
- Re: Global PKI on DNS?
  - From: Chris Evans
- Re: Global PKI on DNS?
  - From: Einar Stefferud

Prev by Date: Re: Regarding MIBs
Next by Date: RE: modems
Previous by thread: Re: Global PKI on DNS?
Next by thread: Re: Global PKI on DNS?
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.

Re: Global PKI on DNS?

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.