[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Q2: crypto algorithm requirements for DNSSEC

To: Jim Reid <Jim.Reid@nominum.com>
Subject: Re: Q2: crypto algorithm requirements for DNSSEC
From: Mark.Andrews@isc.org
Date: Fri, 14 Feb 2003 08:34:34 +1100
Cc: Jakob Schlyter <jakob@crt.se>, Miek Gieben <miekg@atoom.net>, Scott Rose <scottr@nist.gov>, namedroppers@ops.ietf.org
In-reply-to: Your message of "Thu, 13 Feb 2003 04:03:02 -0800." <31581.1045137782@shell.nominum.com>

> signing and verifying => making deployment more straightforward. And
> ISTR from cryptography 101 class that it's usually not a good idea to
> encrypt or sign the same stuff with different keys or algorithms.

	Encrypting things multiple times is a problem.
	Signing the same known plain text isn't.
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews@isc.org

--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>

Follow-Ups:
- Re: Q2: crypto algorithm requirements for DNSSEC
  - From: Derek Atkins <derek@ihtfp.com>

References:
- Re: Q2: crypto algorithm requirements for DNSSEC
  - From: Jim Reid <Jim.Reid@nominum.com>

Prev by Date: Re: Q2: crypto algorithm requirements for DNSSEC
Next by Date: Re: DNSEXT WGLC Summary: RFC1886bis-01
Previous by thread: Re: Q2: crypto algorithm requirements for DNSSEC
Next by thread: Re: Q2: crypto algorithm requirements for DNSSEC
Index(es):
- Date
- Thread