[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Evaluation: draft-ietf-secsh-dns - Using DNS to securely publish SSH key fingerprints
> Yes No-Objection Discuss Abstain
> Thomas Narten [ ] [ ] [ X ] [ ]
The approach suggested here shifts the burden of key checking from
each user of a machine to the key checking performed by the
administrator of the DNS recursive server used to resolve the host
information. Hopefully, by reducing the number of times that keys
Don't understand. Key checking is performed by software, not the
administrator...
IANA section should reference 2434 definitions, since it uses them.
Mail on namedroppers from Mark Andrews on May 13 suggesed a wording
tweak; this hasn't happened, according to the date of the draft.