Date: Wed, 9 Oct 2002 16:45:06 -0700 (PDT) From: Mike Hoskins <mike@adept.org> To: Lyndon Nerenberg <lyndon@orthanc.ab.ca> Cc: security@FreeBSD.ORG Subject: Re: md5 checksum server Message-ID: <20021009164341.E88705-100000@fubar.adept.org> In-Reply-To: <200210092206.g99M6oGI092623@orthanc.ab.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 9 Oct 2002, Lyndon Nerenberg wrote: > DNS isn't the right place for this. You could make the same arguments about portsdb.org... > 1) it requires DNSSEC to ensure the MD5 record data isn't forged Easy enough. > 2) DNS caching would hide updates for the duration of the TTL > attached to the TXT record Tuneable. I didn't say this was ideal, but it's easy to setup does work in the wild now for some datasets. Regardless, I'm not attached to any one proposal... Feel free to make others. :) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021009164341.E88705-100000>