[29625] in North American Network Operators' Group
RE: PGP kerserver infrastructure
daemon@ATHENA.MIT.EDU (Randy Bush)
Fri Jun 30 12:28:34 2000
From: Randy Bush <randy@psg.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
To: "Eric M. Carroll" <eric.carroll@acm.org>
Cc: nanog@merit.edu, pgp-keyserver-folk@flame.org
Message-Id: <E1383cJ-0001Y5-00@rip.psg.com>
Date: Fri, 30 Jun 2000 09:26:11 -0700
Errors-To: owner-nanog-outgoing@merit.edu
> When you look at this issue, there are three competing subproblems:
> 1) How do I find the X server for domain Y that domain Y is running?
> 1A) How do I find the X server that proxies for domain Y (a subcase of 1)
> 2) How do I find user Z in domain Y when no server (proxy or native) is
> available?
> 3) How do I find user Z in a list of user registries? (and how do I find
> the definitive list of user registries?)
to users, there are only two questions:
o given a pgp id, show me the key
o kiven a key id, show me the key
all of the 'sub-problems' above are a symptoms of trying to impose multiple
servers, dns-based solutions, proxies, ... to solve a classic internet
scaling problem. simply don't go there, complexity increses super-linearly
with scale with these methods.
randy
