From: Randy Bush <randy@psg.com>
Date: Tue, 13 Jun 2006 15:16:50 -0700
To: Paul Vixie <paul@vix.com>
Cc: nanog@merit.edu
Subject: Re: wrt joao damas' DLV talk on wednesday> therefore registrars (like alice's... remember alice? this is a song about
> alice) have no place to go with registrant KSK data at this time. this in
> turn keeps most registrars from bothering to collect or store this "useless"
> data. ISC proposes to accept this KSK data (in the form of DLV RRs) via
> authenticated automated processes whereby "lots of keys" can be sent to us
> by interested/participating registrars. we do not have a good way of
knowing
> whether somebody is or isn't the registrant for bankofamerica.com, but we
> think that bank of america's registrar does have a way of authenticating the
> registrant. and we know how to authenticate bankofamerica.com's registrar.
> so there IS a more scalable, untouched-by-human-hands, trust path available.thanks for actual technalia.
( first, i suspect much of the confusion could come from your
thinking that the place up on skyline is *the* alice's restaurant.
it isn't. the real one was in stockbridge, mass, and rather
short-lived. so you can see why one might wonder about isc's
validation methods.
Actually, Paul might have been talking about Alice, Bob, and Mike.
Well knows personages in cryptography circles. Alice and Bob want to
exchange keys Mike is in the middle trying to figure out what alice and
Bob are up to and also trying to thwart the exchange if possible. Or
at the very least, gain knowledge of the keys so that Mike can read
Alice's and Bob's message traffic.