On 10/20/2012 05:21 PM, Tobias Heer wrote:
Am 20.10.2012 17:04 schrieb "Miika Komu" <mkomu
<mailto:[email protected]>@ <mailto:[email protected]>cs.hut.fi
<mailto:[email protected]>>:
>
> Hi,
>
>
> On 10/20/2012 01:28 AM, Henderson, Thomas R wrote:
>>>
>>>
>>> Since parsing and formatting code for both is pretty much ubiquitous
>>> and the packet space is dominated by the key itself, I see no real
>>> reason to change. That DNSKEY is supposed only to be used for DNSSEC
>>> is a distraction, we have our own RR and reusing the wire format is
>>> merely a convenience.
>>
>>
>> +1
>
>
> fine by me as well.
I agree. +1.
All we need is for the Ericsson people to chime in and we have pretty
much all the original developers.
As Andrew, I remember the meeting where we chose DNSKEY format. I
remember the lobby, but could not place the meeting date, but Andrew was
busy coding already so he is a reliable source of when we did this.
There was a attitude of avoiding x509ish things, plus DNSKEY format was
more readable than ASN.1. Don't know if that what others were thinking,
but I sure was!
I would rather leave it as is. No real justification to switch, and it
keeps ASN.1 out of the basic parameters. Only if you are supporting
real certs will you be working with ASN.1.
_______________________________________________
Hipsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/hipsec
