> Date: Mon, 08 Mar 2010 10:03:26 -0800 > From: Michael Sinatra <mich...@rancid.berkeley.edu> > Sender: bind-users-bounces+oberman=es....@lists.isc.org > > On 3/7/10 10:46 AM, Danny Mayer wrote: > > > Autokey is not a cryptographic signature protocol. It *is* a > > authentication protocol for the server only and there are a number of > > exchanges that need to be done to complete the authentication of the > > server. You cannot compare this with DNSSEC and nothing in NTP is encrypted. > > Correct, the comparison was only to point out that Autokey, like DNSSEC, > doesn't encrypt payload because it doesn't need to.
More specifically, I don't WANT to encrypt the data for either DNS or NTP. In both cases I want the data to always be signed clear-text and that is what DNSSEC does. -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: ober...@es.net Phone: +1 510 486-8634 Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751 _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
