[82479] in North American Network Operators' Group
Re: Non-English Domain Names Likely Delayed
daemon@ATHENA.MIT.EDU (Crist Clark)
Tue Jul 19 14:11:43 2005
Date: Tue, 19 Jul 2005 11:11:18 -0700
From: Crist Clark <crist.clark@globalstar.com>
In-reply-to: <p06200767bf027f65d653@[10.0.1.3]>
To: NANOG <nanog@merit.edu>
Reply-To: crist.clark@globalstar.com
Errors-To: owner-nanog@merit.edu
Brad Knowles wrote:
>
> At 10:31 AM +0200 2005-07-19, Iljitsch van Beijnum wrote:
>
>>> And for 99% of the users out there,
>>
>>
>>> 4) the caching servers for their ISP/employer/other access
>>> provider
>>
>>
>> Actually, you don't. If the DNS provides false information, the public
>> key crypto will catch this. Sure, you won't be able to communicate, but
>> you can't be fished that way.
>
>
> What public key crypto are you talking about? You seem to think
> that something like DNSSEC is in wide use throughout the world, which is
> a very strange notion for someone to have when they damn well should
> know better.
He is making the assumption that if someone has got a cert for,
www.blah.com
From one of the "well known" CAs, no one else can get one from one
of the well-known CAs for that same name.
--
Crist J. Clark crist.clark@globalstar.com
Globalstar Communications (408) 933-4387
