Re: [idn] SC/TC equivalence
> I think the server is always supposed to answer the query that was asked
> (A, not A'). If maintaining records for all equivalent variants of
> A' is too expensive, it could instead generate the response (and the
> signature) on the fly. It could use caching to remember the responses
> for the most common variants.
DNSsec is specified to work without keeping the private key on-line
(doing the signing off-line can be made secure), thus you
can't assume that servers will be able to sign on the fly.
Erik