Re: [DNSOP] [dnsext] New Version Notification for draft-mcgrew-tss-02 (fwd)

2009-03-10 Thread bmanning
I really like the Shoup paper. But I've not seen too many implementations in the wild. :) --bill On Tue, Mar 10, 2009 at 12:49:55PM -0400, Michael StJohns wrote: > Hi Alfred - > > A better scheme for threshold signing for the root might be the Shoup paper: > "Practical Threshold Signature

Re: [DNSOP] Truncation discussion in draft-ietf-dnsop-dnssec-trust-anchor-02

2009-03-10 Thread Mark Andrews
In message <20090310232216.gc3...@sirocco.local>, Matt Larson writes: > On Wed, 11 Mar 2009, Mark Andrews wrote: > > > > In message <20090310213643.gn2...@dul1mcmlarson-l1.local>, Matt Larson writes: > > > Mark, > > > > > > On Wed, 11 Mar 2009, Mark Andrews wrote: > > > > [...] it is impossib

Re: [DNSOP] Truncation discussion in draft-ietf-dnsop-dnssec-trust-anchor-02

2009-03-10 Thread Matt Larson
On Wed, 11 Mar 2009, Mark Andrews wrote: > > In message <20090310213643.gn2...@dul1mcmlarson-l1.local>, Matt Larson writes: > > Mark, > > > > On Wed, 11 Mar 2009, Mark Andrews wrote: > > > [...] it is impossible to convert a DS to a DNSKEY prior to the > > > publication of the DNSKEY in the DNS.

Re: [DNSOP] Truncation discussion in draft-ietf-dnsop-dnssec-trust-anchor-02

2009-03-10 Thread Mark Andrews
In message <20090310213643.gn2...@dul1mcmlarson-l1.local>, Matt Larson writes: > Mark, > > On Wed, 11 Mar 2009, Mark Andrews wrote: > > [...] it is impossible to convert a DS to a DNSKEY prior to the > > publication of the DNSKEY in the DNS. > > Why would a validator ever need to do this?

Re: [DNSOP] Truncation discussion in draft-ietf-dnsop-dnssec-trust-anchor-02

2009-03-10 Thread Chris Thompson
On Mar 10 2009, Mark Andrews wrote: Has anyone on this list ever typed in a DNSKEY or DS as a trust anchor? I would presume that most (99.%) people would just cut-and-paste or the equivalent. I call "ease of typing" an unjustifiable justification as no one will be doing it even for DS recor

[DNSOP] Updates to AS 112 WG drafts

2009-03-10 Thread William F. Maton Sotomayor
All, After somewhat of a longer hiatus on Peter's part (the WG last call on one document seems to have drifted by and then dropped) and my part (largely to do with increased workload), I have finally put together new versions of each draft. The proceeding is based on some correspondence b

Re: [DNSOP] Truncation discussion in draft-ietf-dnsop-dnssec-trust-anchor-02

2009-03-10 Thread Matt Larson
Mark, On Wed, 11 Mar 2009, Mark Andrews wrote: > [...] it is impossible to convert a DS to a DNSKEY prior to the > publication of the DNSKEY in the DNS. Why would a validator ever need to do this? Matt

Re: [DNSOP] Truncation discussion in draft-ietf-dnsop-dnssec-trust-anchor-02

2009-03-10 Thread Mark Andrews
In message , Edward Lewis writes: > At 8:35 +1100 3/10/09, Mark Andrews wrote: > > > This makes DNSKEY a better mandatory record to publish. > > While there's little empirical data on trust anchors to date, my > inclination is to whole-heartedly disagree with this statement. So > long as t

Re: [DNSOP] Some second-hand remarks on draft-liman-tld-names-00.txt

2009-03-10 Thread David Conrad
On Mar 10, 2009, at 11:31 AM, Patrik Fältström wrote: On 10 mar 2009, at 19.07, David Conrad wrote: P.S. Out of curiosity, what is "一" (Japanese Kanji for the number 1) considered? U+4E00 : Lo, Other_Letter, L, Left_To_Right I.e. it is a letter. With strong directionality. So according to the

Re: [DNSOP] Some second-hand remarks on draft-liman-tld-names-00.txt

2009-03-10 Thread Patrik Fältström
On 10 mar 2009, at 19.07, David Conrad wrote: P.S. Out of curiosity, what is "一" (Japanese Kanji for the number 1) considered? U+4E00 : Lo, Other_Letter, L, Left_To_Right I.e. it is a letter. With strong directionality. So according to the Unicode properties that we use so far, that is "no

Re: [DNSOP] [dnsext] New Version Notification for draft-mcgrew-tss-02 (fwd)

2009-03-10 Thread Michael StJohns
Hi Alfred - A better scheme for threshold signing for the root might be the Shoup paper: "Practical Threshold Signatures", Victor Shoup (s...@zurich.ibm.com), IBM Research Paper RZ3121, 4/30/99 The major difference between the two is that the Shamir system (which you describe) requires the bas

Re: [DNSOP] Some second-hand remarks on draft-liman-tld-names-00.txt

2009-03-10 Thread David Conrad
Patrik, On Mar 10, 2009, at 12:30 AM, Patrik Fältström wrote: On 9 mar 2009, at 19.16, David Conrad wrote: This doesn't make any sense to me. I am fairly certain there will be a request to add the U-label "日本" (Japanese Kanji for Japan). This isn't alphabetic in any sense of the term. To

Re: [DNSOP] Truncation discussion in draft-ietf-dnsop-dnssec-trust-anchor-02

2009-03-10 Thread Edward Lewis
At 8:35 +1100 3/10/09, Mark Andrews wrote: This makes DNSKEY a better mandatory record to publish. While there's little empirical data on trust anchors to date, my inclination is to whole-heartedly disagree with this statement. So long as the DS record points to a unique DNSKEY recor

Re: [DNSOP] Truncation discussion in draft-ietf-dnsop-dnssec-trust-anchor-02

2009-03-10 Thread Olafur Gudmundsson
At 00:43 10/03/2009, Mark Andrews wrote: In message <20090310041254.gb4...@vacation.karoshi.com.>, bmann...@vacation.karoshi.com writes: > On Tue, Mar 10, 2009 at 12:55:51PM +1100, Mark Andrews wrote: > > > > In message , David Black > a writes: > > > > > > On Mar 9, 2009, at 5:35 PM, M

Re: [DNSOP] Truncation discussion in draft-ietf-dnsop-dnssec-trust-anchor-02 )

2009-03-10 Thread Olafur Gudmundsson
At 17:35 09/03/2009, Mark Andrews wrote: On a related issue DS -> DNSKEY translations cannot be performed until the DNSKEY is published in the zone. The use of DS prevents pre-publishing of keys. Once the key is generated a DS of it can be generated. Our draft does no

Re: [DNSOP] Some second-hand remarks on draft-liman-tld-names-00.txt

2009-03-10 Thread bmanning
On Tue, Mar 10, 2009 at 10:27:21AM +0100, Stephane Bortzmeyer wrote: > On Mon, Mar 09, 2009 at 01:04:42PM -0400, > Andrew Sullivan wrote > a message of 59 lines which said: > > > John's view is that the original "alphabetic restriction" in 1123 > > was indeed intended as a restriction, > > I

Re: [DNSOP] Some second-hand remarks on draft-liman-tld-names-00.txt

2009-03-10 Thread Patrik Fältström
On 10 mar 2009, at 08.30, Patrik Fältström wrote: If you use a mac, let me recommend UnicodeChecker from http://earthlingsoft.net Hmm...that domain seems to be not delegated at the moment. Anyone have other contacts? Patrik

Re: [DNSOP] Some second-hand remarks on draft-liman-tld-names-00.txt

2009-03-10 Thread Stephane Bortzmeyer
On Mon, Mar 09, 2009 at 01:04:42PM -0400, Andrew Sullivan wrote a message of 59 lines which said: > John's view is that the original "alphabetic restriction" in 1123 > was indeed intended as a restriction, I was not there at the creation but I find it worrying to rely on the recollection of o

Re: [DNSOP] Some second-hand remarks on draft-liman-tld-names-00.txt

2009-03-10 Thread Krzysztof Olesik
Hello, Just a short explanation. > Interestingly, I tried a couple of IDN test tools (IMC's and NASK's) to > convert that UTF-8 string into the appropriate A-label and both > indicated there are invalid characters. I'm getting an uneasy feeling... IDN translation tool accepts only allowed charac

Re: [DNSOP] Some second-hand remarks on draft-liman-tld-names-00.txt

2009-03-10 Thread Patrik Fältström
On 9 mar 2009, at 19.11, Edward Lewis wrote: If A-labels conform to the rules in 1123 and all U-labels can be translated to A-labels, is BiDi an issue (for the DNS)? The $1 question has to do with the (for the DNS) part of what you write. Domain names are not only used in the DNS as we

Re: [DNSOP] Some second-hand remarks on draft-liman-tld-names-00.txt

2009-03-10 Thread Patrik Fältström
On 9 mar 2009, at 19.16, David Conrad wrote: This doesn't make any sense to me. I am fairly certain there will be a request to add the U-label "日本" (Japanese Kanji for Japan). This isn't alphabetic in any sense of the term. To some degree it is, as the two characters are: U+65E5 : Lo, Le