[dnssec-deployment] Fwd: New Version Notification for draft-faltstrom-root-trust-anchor-validation-00
marc.blanchet at viagenie.ca
Wed Apr 8 11:16:42 EDT 2009
the draft says:
"Someone that receive such a signed TAR can verify the signatures"
how do I get the key to verify the signature(s)?
in a way that I can trust that key?
is this just moving the problem somewhere else?
I guess I'm missing something.
Patrik Fältström a écrit :
> I just wanted you all to know about this. It is nothing special at all,
> but rather something Jakob and I had to "just" write down as we where
> both involved in tons of discussions on how to distribute the public
> part of the KSK. For us it was simple. "Just" sign it with PGP or
> whatever. And anyone can sign it and redistribute it after they know
> what they sign is the right data.
> But we got so many questions we wrote it down.
> Begin forwarded message:
>> From: IETF I-D Submission Tool <idsubmission at ietf.org>
>> Date: on 8 apr 2009 14.54.58 GMT+02:00
>> To: paf at cisco.com
>> Cc: jakob at kirei.se
>> Subject: New Version Notification for
>> A new version of I-D,
>> draft-faltstrom-root-trust-anchor-validation-00.txt has been
>> successfuly submitted by Patrik Faltstrom and posted to the IETF
>> Filename: draft-faltstrom-root-trust-anchor-validation
>> Revision: 00
>> Title: Validation of the root trust anchor for the DNS
>> Creation_date: 2009-04-08
>> WG ID: Independent Submission
>> Number_of_pages: 6
>> This document describes practical requirements and needs for
>> automatic validation of the root trust anchor for the DNS. It also
>> proposes a mechanism using PGP and/or S/MIME that can be used to
>> fulfil the requirements.
>> The IETF Secretariat.
IPv6 book: Migrating to IPv6, Wiley. http://www.ipv6book.ca
Stun/Turn server for VoIP NAT-FW traversal: http://numb.viagenie.ca
DTN news service: http://reeves.viagenie.ca
More information about the Dnssec-deployment