[foaf-protocols] DNSSEC and RFC4255
Mischa Tuffield
mischa.tuffield at garlik.com
Wed Jul 14 14:50:54 CEST 2010
Hello,
So I am aware that the DNSSEC[1] has been agreed/finalised (whatever the correct terminology is), and the way this can be used to work as a PKI[2] via the adoption of RFC4255 [3]. So, as far as I can tell this means that one could start securing communications to their domain via https, using their ssh key fingerprint, which is in turn propagated through the web via DNSSEC (or something). Naïvely, that means that we will no longer need to give monies to CAs (companies) to have signed certs.
So two things:
1. I wonder if I have got any wrong above, am I confused about something here?
2. What implications does this have for foaf+ssl? I guess it means that it will be easier to have trusted https based WebIDs such as : https://example.com/person#i ?
Anyways, I do apologies if I have got any of this wrong,
Mischa
[1] http://www.dnssec.net/
[2] http://en.wikipedia.org/wiki/Public_key_infrastructure
[3] http://tools.ietf.org/html/rfc4255
___________________________________
Mischa Tuffield PhD
Email: mischa.tuffield at garlik.com
Homepage - http://mmt.me.uk/
Garlik Limited, 1-3 Halford Road, Richmond, TW10 6AW
+44(0)845 645 2824 http://www.garlik.com/
Registered in England and Wales 535 7233 VAT # 849 0517 11
Registered office: Thames House, Portsmouth Road, Esher, Surrey, KT10 9AD
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.foaf-project.org/pipermail/foaf-protocols/attachments/20100714/bc4c8fbf/attachment-0001.htm
More information about the foaf-protocols
mailing list