On 2014-05-05, at 1:12 PM, <pjklau...@gmail.com> <pjklau...@gmail.com> wrote:
> -----Original Message----- > From: Jeffrey Goldberg [mailto:jeff...@goldmark.org] >> Just because you are talking to the right IP address doesn't mean >> you are talking the right host. > > You're right yes ( I did forget :), but if a DNS can somehow guarantee a > correct "hostname->IPAddress" mapping, then it can also guarantee a correct > "hostname->public key" ( or self signed certificate) mapping. Ah. OK. Thanks for spelling that out for me. Now it makes sense. Cheers, -j _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography