From owner-dns-security Thu Oct 1 10:03:11 1998 Received: by portal.ex.tis.com (8.9.1/8.9.1) id JAA01061 for dns-security-outgoing; Thu, 1 Oct 1998 09:59:29 -0400 (EDT) Message-ID: <36138BEC.21A88258@offworld.net> Date: Thu, 01 Oct 1998 15:04:29 +0100 From: Marjorie Neequaye Organization: Offworld X-Mailer: Mozilla 4.06 [en] (X11; I; SunOS 5.5.1 sun4m) MIME-Version: 1.0 To: dns-security@tis.com Subject: BIND.8.1.2 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-dns-security@ex.tis.com Precedence: bulk Hi...., i need help on the configuration file for the BIND dns. I have two nameservers running , primary & secondary The primary config file is to allow only the secondary to do a zone transfer... *primary config file /*creates a named address match list*/ acl name{ ns1 }; adddress_match_list = ns1*1.2.3.4; options{ //etc; listen-on { 5.6.7.8; } allow-transfer { ns1; }; //etc; } *secondary config file options{ listen-on {1.2.3.4;}; allow-query { any; }; transfer-format many-answers; named-xfer "/opt/BIND/sbin/named-xfer"; check-names master fail; check-names slave warn; check-names response ignore; }; can i get anymore help...cos i cant find any more help in the html or man pages. It does not allow zone transfers from ns1..is this b'cos the setup is wrong( help??) the examples dont go as far on zone transfers.. thanx. -- Marjorie Neequaye e-mail: marjorie.neequaye@offworld.net Tel: (44)(0)171 278 3464 From owner-dns-security Mon Oct 5 08:51:37 1998 Received: by portal.ex.tis.com (8.9.1/8.9.1) id IAA16767 for dns-security-outgoing; Mon, 5 Oct 1998 08:48:03 -0400 (EDT) Message-Id: <199810050103.VAA23619@torque.pothole.com> X-Authentication-Warning: torque.pothole.com: localhost [127.0.0.1] didn't use HELO protocol To: dns-security@tis.com cc: dee3@torque.pothole.com Date: Sun, 04 Oct 1998 21:03:37 -0400 From: "Donald E. Eastlake 3rd" X-Mts: smtp Sender: owner-dns-security@ex.tis.com Precedence: bulk Hi, I've recieved a number of comments on the batch of DNSSEC documents that were out for IETF Last Call, including some from IESG members. Most of these just call for clarification but a few asked me to add IANA Considerations sections and to reference RFC 2119. So, I'm going to do a light pass over these drafts. I'll try to be very careful to include detailed summaries of any changes made. Thanks, Donald ===================================================================== Donald E. Eastlake 3rd +1 978-287-4877 dee3@torque.pothole.com 318 Acton Street +1 978-371-7148(fax) Carlisle, MA 01741 USA From owner-dns-security Mon Oct 12 16:48:11 1998 Received: by portal.ex.tis.com (8.9.1/8.9.1) id QAA18457 for dns-security-outgoing; Mon, 12 Oct 1998 16:43:21 -0400 (EDT) Message-Id: <199810122101.RAA18612@clipper.hq.tis.com> X-Sender: balenson@pop.hq.tis.com X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0 Date: Mon, 12 Oct 1998 17:02:41 -0400 To: dns-security@tis.com From: "David M. Balenson" Subject: NDSS '99 Registration Now Taking Place! Cc: balenson@tis.com Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-dns-security@ex.tis.com Precedence: bulk R E G I S T E R N O W ! ! THE INTERNET SOCIETY'S 1999 NETWORK AND DISTRIBUTED SYSTEM SECURITY (NDSS) SYMPOSIUM February 3-5, 1999 Catamaran Resort Hotel San Diego, California General Chair: Steve Welke, Trusted Computer Solutions Program Chairs: Steve Kent, BBN Technologies Gene Tsudik, USC/Information Sciences Institute ONLINE INFORMATION AND REGISTRATION: http://www.isoc.org/ndss99 EARLY REGISTRATION DISCOUNT DEADLINE: January 6, 1999 The 6th annual NDSS Symposium brings together researchers, implementers, and users of network and distributed system security technologies to discuss today's important security issues and challenges. The Symposium provides a mix of technical papers and panel presentations that describe promising new approaches to security problems that are practical and, to the extent possible, have been implemented. NDSS fosters the exchange of technical information and encourages the Internet community to deploy available security technologies and develop new solutions to unsolved problems. KEYNOTE SPEAKER: Whitfield Diffie, Sun Microsystems. Co-author of "Privacy on the Line: The Politics of Wiretapping and Encryption." THIS YEAR'S TOPICS INCLUDE: - Secure Password-Based Protocol for Downloading a Private Key - A Real-World Analysis of Kerberos Password Security - Secure Remote Access to an Internal Web Server - Security and the User - Experimenting with Shared Generation of RSA Keys - Addressing the Problem of Undetected Signature Key Compromise - Practical Approach to Anonymity in Large Scale Electronic Voting Schemes - New Approaches to BGP Security - Distributed Policy Management for Java 1.2 - Distributed Execution with Remote Audit - Trust-Based Authentication in Open Networks - A Network Security Research Agenda - PGRIP: PNNI Global Routing Infrastructure Protection - A Cryptographic Countermeasure Against Connection Depletion Attacks - IPSec: Friend or Foe? EXPANDED PRE-CONFERENCE TECHNICAL TUTORIALS: - Principles of Network Security (Dr. Stephen T. Kent, BBN Technologies) - Optical Network Security (Jeff Ingle and Dr. Eric Harder, NSA) - Electronic Payment Systems (Dr. B. Clifford Neuman, USC/ISI) - Windows NT Security - Cryptography - Web Security and Beyond (Dr. B. Clifford Neuman, USC/ISI) - JAVA Security FOR MORE INFORMATION contact the Internet Society: Internet Society, 12020 Sunrise Valley Drive, Reston, VA, 20191 USA Phone: +1-703-648-9888 Fax: +1-703-648-9887 E-mail: ndss99reg@isoc.org URL: http://www.isoc.org/ndss99/ SPONSORSHIP OPPORTUNITIES AVAILABLE! Take advantage of this high visibility event. Contact Carla Rosenfeld at the Internet Society at +1-703-648-9888 or send e-mail to carla@isoc.org. THE INTERNET SOCIETY is a non-governmental organization for global cooperation and coordination for the Internet and its internetworking technologies and applications. ---------------------------------------------------------------------------- David M. Balenson, Publicity Chair, NDSS '99 TIS Labs at Network Associates, Inc. 3060 Washington Road, Glenwood, MD 21738 USA balenson@tis.com; 301-854-5358; fax 301-854-5363 From owner-dns-security Tue Oct 13 15:39:08 1998 Received: by portal.ex.tis.com (8.9.1/8.9.1) id PAA23417 for dns-security-outgoing; Tue, 13 Oct 1998 15:37:53 -0400 (EDT) Message-Id: <199810131956.PAA03873@torque.pothole.com> X-Authentication-Warning: torque.pothole.com: localhost [127.0.0.1] didn't use HELO protocol To: dns-security@tis.com Subject: Three revised and one new DNSSEC draft Date: Tue, 13 Oct 1998 15:56:06 -0400 From: "Donald E. Eastlake 3rd" X-Mts: smtp Sender: owner-dns-security@ex.tis.com Precedence: bulk I have submitted one new draft on DNSSEC key rollover co-authored with Mark Andrews and three updated drafts. The changes to the updated drafts are minor and the result of discusssion with the IESG. For the updated drafts, a list of changes appears at the end of the "Status of This Document" section. Thanks, Donald PS: untill they appear in the IETF directories, you can find these at and . ===================================================================== Donald E. Eastlake 3rd +1 978-287-4877 dee3@torque.pothole.com 318 Acton Street +1 978-371-7148(fax) Carlisle, MA 01741 USA From owner-dns-security Thu Oct 15 08:33:33 1998 Received: by portal.ex.tis.com (8.9.1/8.9.1) id IAA02420 for dns-security-outgoing; Thu, 15 Oct 1998 08:28:39 -0400 (EDT) Message-Id: <199810141422.KAA13795@ietf.org> Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: IETF-Announce:; Cc: dns-security@tis.com From: Internet-Drafts@ietf.org Reply-to: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-dnssec-rollover-00.txt Date: Wed, 14 Oct 1998 10:22:31 -0400 Sender: owner-dns-security@ex.tis.com Precedence: bulk --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Domain Name System Security Working Group of the IETF. Title : Domain Name System (DNS) Security Key Rollover Author(s) : D. Eastlake, M. Andrews Filename : draft-ietf-dnssec-rollover-00.txt Pages : 9 Date : 13-Oct-98 Practical deployment of Domain Name System (DNS) security with good cryptologic practice will involve large volumes of key rollover traffic. A standard format and protocol for such messages is specified. Internet-Drafts are available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-dnssec-rollover-00.txt". A URL for the Internet-Draft is: ftp://ftp.ietf.org/internet-drafts/draft-ietf-dnssec-rollover-00.txt Internet-Drafts directories are located at: Africa: ftp.is.co.za Europe: ftp.nordu.net ftp.nis.garr.it Pacific Rim: munnari.oz.au US East Coast: ftp.ietf.org US West Coast: ftp.isi.edu Internet-Drafts are also available by mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-dnssec-rollover-00.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <19981013160520.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-dnssec-rollover-00.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-dnssec-rollover-00.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <19981013160520.I-D@ietf.org> --OtherAccess-- --NextPart-- From owner-dns-security Thu Oct 15 10:41:27 1998 Received: by portal.ex.tis.com (8.9.1/8.9.1) id KAA03718 for dns-security-outgoing; Thu, 15 Oct 1998 10:40:56 -0400 (EDT) Message-Id: <199810151440.KAA09469@ietf.org> Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: IETF-Announce:; Cc: dns-security@tis.com From: Internet-Drafts@ietf.org Reply-to: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-dnssec-ddi-06.txt Date: Thu, 15 Oct 1998 10:40:16 -0400 Sender: owner-dns-security@ex.tis.com Precedence: bulk --NextPart Note: This revision reflects comments received during the last call period. A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Domain Name System Security Working Group of the IETF. Title : Detached Domain Name System (DNS) Information Author(s) : D. Eastlake Filename : draft-ietf-dnssec-ddi-06.txt Pages : 7 Date : 14-Oct-98 A standard format is defined for representing detached DNS information. This is anticipated to be of use for storing information retrieved from the Domain Name System (DNS), including security information, in archival contexts or contexts not connected to the Internet. Internet-Drafts are available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-dnssec-ddi-06.txt". A URL for the Internet-Draft is: ftp://ftp.ietf.org/internet-drafts/draft-ietf-dnssec-ddi-06.txt Internet-Drafts directories are located at: Africa: ftp.is.co.za Europe: ftp.nordu.net ftp.nis.garr.it Pacific Rim: munnari.oz.au US East Coast: ftp.ietf.org US West Coast: ftp.isi.edu Internet-Drafts are also available by mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-dnssec-ddi-06.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <19981014170927.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-dnssec-ddi-06.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-dnssec-ddi-06.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <19981014170927.I-D@ietf.org> --OtherAccess-- --NextPart-- From owner-dns-security Thu Oct 15 10:41:27 1998 Received: by portal.ex.tis.com (8.9.1/8.9.1) id KAA03715 for dns-security-outgoing; Thu, 15 Oct 1998 10:40:55 -0400 (EDT) Message-Id: <199810151440.KAA09447@ietf.org> Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: IETF-Announce:; Cc: dns-security@tis.com From: Internet-Drafts@ietf.org Reply-to: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-dnssec-dss-03.txt Date: Thu, 15 Oct 1998 10:40:02 -0400 Sender: owner-dns-security@ex.tis.com Precedence: bulk --NextPart Note: This revision reflects comments received during the last call period. A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Domain Name System Security Working Group of the IETF. Title : DSA KEYs and SIGs in the Domain Name System (DNS) Author(s) : D. Eastlake Filename : draft-ietf-dnssec-dss-03.txt Pages : 6 Date : 14-Oct-98 A standard method for storing US Government Digital Signature Algorithm keys and signatures in the Domain Name System is described which utilizes DNS KEY and SIG resource records. Internet-Drafts are available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-dnssec-dss-03.txt". A URL for the Internet-Draft is: ftp://ftp.ietf.org/internet-drafts/draft-ietf-dnssec-dss-03.txt Internet-Drafts directories are located at: Africa: ftp.is.co.za Europe: ftp.nordu.net ftp.nis.garr.it Pacific Rim: munnari.oz.au US East Coast: ftp.ietf.org US West Coast: ftp.isi.edu Internet-Drafts are also available by mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-dnssec-dss-03.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <19981014170540.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-dnssec-dss-03.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-dnssec-dss-03.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <19981014170540.I-D@ietf.org> --OtherAccess-- --NextPart-- From owner-dns-security Thu Oct 15 10:42:10 1998 Received: by portal.ex.tis.com (8.9.1/8.9.1) id KAA03746 for dns-security-outgoing; Thu, 15 Oct 1998 10:41:52 -0400 (EDT) Message-Id: <199810151440.KAA09490@ietf.org> Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: IETF-Announce:; Cc: dns-security@tis.com From: Internet-Drafts@ietf.org Reply-to: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-dnssec-rsa-01.txt Date: Thu, 15 Oct 1998 10:40:29 -0400 Sender: owner-dns-security@ex.tis.com Precedence: bulk --NextPart Note: This revision reflects comments received during the last call period. A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Domain Name System Security Working Group of the IETF. Title : RSA/MD5 KEYs and SIGs in the Domain Name System (DNS) Author(s) : D. Eastlake Filename : draft-ietf-dnssec-rsa-01.txt Pages : 6 Date : 14-Oct-98 A standard method for storing RSA keys and and RSA/MD5 based signatures in the Domain Name System is described which utilizes DNS KEY and SIG resource records. Internet-Drafts are available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-dnssec-rsa-01.txt". A URL for the Internet-Draft is: ftp://ftp.ietf.org/internet-drafts/draft-ietf-dnssec-rsa-01.txt Internet-Drafts directories are located at: Africa: ftp.is.co.za Europe: ftp.nordu.net ftp.nis.garr.it Pacific Rim: munnari.oz.au US East Coast: ftp.ietf.org US West Coast: ftp.isi.edu Internet-Drafts are also available by mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-dnssec-rsa-01.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <19981014171153.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-dnssec-rsa-01.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-dnssec-rsa-01.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <19981014171153.I-D@ietf.org> --OtherAccess-- --NextPart-- From owner-dns-security Mon Oct 26 09:01:23 1998 Received: by portal.ex.tis.com (8.9.1/8.9.1) id IAA14383 for dns-security-outgoing; Mon, 26 Oct 1998 08:54:23 -0500 (EST) From: Kai Martius Organization: Uniklinik TUD To: dns-security@tis.com Date: Mon, 26 Oct 1998 14:48:23 +0100 MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Subject: TIS Implementation Reply-to: kai@imib.med.tu-dresden.de X-mailer: Pegasus Mail for Windows (v2.54) Message-ID: Sender: owner-dns-security@ex.tis.com Precedence: bulk Hi, is there any more detailed setup instruction than the files included in the TAR-File? I want to setup a very simple test scenario with 2 servers, one for bar.com and one for foo.bar.com. I want to see how the SIG-record verification works on foo.bar.com for Records it retrieves from bar.com. Which records in both zones are absolutely necessary and what entires do I need in the boot-files? Can I test without a root server? Thanks Kai # Kai Martius # # Dpt. of Medical CS and Biometrics / Dresden University of Technology # # PGP Fingerprint: to be compared after download of my key # # Key and more info (especially IP-security related) see my Homepage # # http://www.imib.med.tu-dresden.de/imib/personal/kai.html # From owner-dns-security Mon Oct 26 16:46:02 1998 Received: by portal.ex.tis.com (8.9.1/8.9.1) id QAA16250 for dns-security-outgoing; Mon, 26 Oct 1998 16:44:39 -0500 (EST) Message-ID: <19981027090146.C5150@draci.its.uow.edu.au> Date: Tue, 27 Oct 1998 09:01:46 +1100 From: Peter Gray To: dns-security@tis.com Subject: Secure implementation of bind 8, when? Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.93i Sender: owner-dns-security@ex.tis.com Precedence: bulk I assume there is a plan to integrate the security release into bind 8. What is the time scale on this? Regards, pdg From owner-dns-security Wed Oct 28 08:23:53 1998 Received: by portal.ex.tis.com (8.9.1/8.9.1) id IAA23995 for dns-security-outgoing; Wed, 28 Oct 1998 08:17:00 -0500 (EST) Message-Id: <199810280835.DAA11669@tapas.nixu.fi> X-Mailer: exmh version 2.0zeta 7/24/97 To: dns-security@tis.com cc: lea@tapas.nixu.fi Subject: CERT draft? Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Wed, 28 Oct 1998 03:35:00 -0500 From: Lea Viljanen Sender: owner-dns-security@ex.tis.com Precedence: bulk Any plans of updating or advancing the certs-02 draft which expired in September? The draft looks acceptable to me. -- Lea 'LadyBug' Viljanen NameSurfer Ltd Lea.Viljanen@namesurfer.com WWW-based DNS-tools From owner-dns-security Thu Oct 29 16:22:21 1998 Received: by portal.ex.tis.com (8.9.1/8.9.1) id QAA01252 for dns-security-outgoing; Thu, 29 Oct 1998 16:18:25 -0500 (EST) Message-Id: <3.0.5.32.19981029163938.0082d100@localhost> X-Sender: ogud@localhost X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.5 (32) Date: Thu, 29 Oct 1998 16:39:38 -0500 To: Peter Gray , dns-security@tis.com From: Olafur Gudmundsson Subject: Re: Secure implementation of bind 8, when? In-Reply-To: <19981027090146.C5150@draci.its.uow.edu.au> Mime-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by portal.ex.tis.com id QAA01249 Sender: owner-dns-security@ex.tis.com Precedence: bulk At 09:01 AM 10/27/98 +1100, Peter Gray wrote: >I assume there is a plan to integrate the security >release into bind 8. What is the time scale on this? Yes there is a plan, Time scale to be announced in the near future Olafur ps: Little more information in http://www.nai.com/about/news/press/1998/august/082598.asp ---------------------------------------------------- Ólafur Guðmundsson (in ISO-8859-1) ogud@tis.com (work) Olafur Gudmundsson (in US ascii) ogud@acm.org (private) (301)-854-5700 Fax: x5363 From owner-dns-security Fri Oct 30 11:07:58 1998 Received: by portal.ex.tis.com (8.9.1/8.9.1) id LAA04640 for dns-security-outgoing; Fri, 30 Oct 1998 11:04:29 -0500 (EST) Message-Id: <3.0.5.32.19981030112528.009c2d80@localhost> X-Sender: ogud@localhost X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.5 (32) Date: Fri, 30 Oct 1998 11:25:28 -0500 To: dns-security@tis.com From: Olafur Gudmundsson Subject: Clarification on key tag calculation Mime-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by portal.ex.tis.com id LAA04637 Sender: owner-dns-security@ex.tis.com Precedence: bulk The text in sec-ext2 is little bit ambiguous what part of the KEY RDATA is covered by the key tag calculation (for algorithm != RSA). The RDATA consists of [] The intent is that only the field is covered in the calculation, I have asked Donald about this clarification and he agrees and will update the draft accordingly in the next revision. I do not think that anyone assumed that the whole of the RDATA was covered in the key tag calculation but the text need clarification. Any objections ? Olafur ---------------------------------------------------- Ólafur Guðmundsson (in ISO-8859-1) ogud@tis.com (work) Olafur Gudmundsson (in US ascii) ogud@acm.org (private) (301)-854-5700 Fax: x5363