Re: summary of Secure Shell (secsh) meeting at ietf52

[Wes Griffin <wgriffin%tislabs.com@localhost>]

* Rodney Thayer <rodney%tillerman.to@localhost> [12/11/01 13:06]:
> At the DNSEXT meeting, there was a (mildly surreal) exchange where
> they attempted to not allow "yucky applications", like SSH, to
> store keys in DNS.  They claimed to want to dodge that work
> by waiting until the apps asked for it, and when several people
> in the room pointed out that people in the SSH wg were talking
> about it, this got ignored.
> 
> So I think we need to have something, requirements or whatever,
> that we whack the DNSEXT wg with, so they know we're thinking
> about it, regardless of what 'we' want to do.

That is the idea, and what I'm in the process of doing, but for a larger
group of applications, not just SSH. I was also told after the meeting,
that I could gut the current draft and re-write it to keep the title,
which I might infact do and turn it into a requirements document. Is
that reasonable?
 
> At 09:55 AM 12/11/2001 -0800, Darren J Moffat wrote:
> >If I remeber correctly the author of the DNS host key storage draft
> >said that the have no intention of continuting with it in its current
> >form and that the draft will be left to expire unchanged.  They wish
> >to go back to requirements gathering and this may result in solving
> >the problem space a different way (ie maybe not DNS as I gathered).

-- 
Wes Griffin                                                     NAI Labs
wgriffin at tislabs.com                                     443.259.2388