nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Non-English Domain Names Likely Delayed

From: Crist Clark <crist.clark () globalstar com>
Date: Tue, 19 Jul 2005 11:11:18 -0700

Brad Knowles wrote:


At 10:31 AM +0200 2005-07-19, Iljitsch van Beijnum wrote:


 And for 99% of the users out there,




   4) the caching servers for their ISP/employer/other access
     provider



 Actually, you don't. If the DNS provides false information, the public
 key crypto will catch this. Sure, you won't be able to communicate, but
 you can't be fished that way.
What public key crypto are you talking about? You seem to think that something like DNSSEC is in wide use throughout the world, which is a very strange notion for someone to have when they damn well should know better. 

He is making the assumption that if someone has got a cert for,

        www.blah.com

From one of the "well known" CAs, no one else can get one from one
of the well-known CAs for that same name.
--
Crist J. Clark                               crist.clark () globalstar com
Globalstar Communications                                (408) 933-4387
Previous By Date Next
Previous By Thread Next

Current thread: