Non-English Domain Names Likely Delayed
Crist Clark
crist.clark at globalstar.com
Tue Jul 19 18:11:18 UTC 2005
Brad Knowles wrote:
>
> At 10:31 AM +0200 2005-07-19, Iljitsch van Beijnum wrote:
>
>>> And for 99% of the users out there,
>>
>>
>>> 4) the caching servers for their ISP/employer/other access
>>> provider
>>
>>
>> Actually, you don't. If the DNS provides false information, the public
>> key crypto will catch this. Sure, you won't be able to communicate, but
>> you can't be fished that way.
>
>
> What public key crypto are you talking about? You seem to think
> that something like DNSSEC is in wide use throughout the world, which is
> a very strange notion for someone to have when they damn well should
> know better.
He is making the assumption that if someone has got a cert for,
www.blah.com
From one of the "well known" CAs, no one else can get one from one
of the well-known CAs for that same name.
--
Crist J. Clark crist.clark at globalstar.com
Globalstar Communications (408) 933-4387
More information about the NANOG
mailing list