[Cryptech Tech] Fwd: Question regarding Trusted Path Authentication

Randy Bush randy at psg.com
Fri Dec 19 09:54:54 UTC 2014


> It's actually really, really hard to implement, hard to document, and
> hard to use.

your text makes a good argument. :)

note okubo san's email address.  i fear his point is that dnssec
signing, near and at the root, already does involve these complex
ceremonies and rituals.  i.e., in the long run we may have to
accommodate them.

so my question is what we need to be aware of in these early stages to
not preclude or make even more difficult treading this path in the
future.

> This is a feature that can go on the wishlist if required, but a long,
> long way down.

makes sense

randy


More information about the Tech mailing list