In message <[EMAIL PROTECTED]>, Franck Martin write
s:
>
>--=-1oDXxRUK6t5l82vmGc/e
>Content-Type: text/plain
>Content-Transfer-Encoding: 7bit
>
>Here is a sample certificate... which is less than 2kB long...
>
>DNS protocol uses mainly udp, which I think can handle this size...
>
>You can know what it means by using the command (I think):
>
DNS packets are limited to 512 bytes. Few MTUs are larger than 1500.
Anyway -- the concept is called "appkeys", and has been discussed in
the dnsext working group. Check the archives.
Oh yes -- x.509 isn't the only way to do certificates.
--Steve Bellovin, http://www.research.att.com/~smb (me)
http://www.wilyhacker.com ("Firewalls" book)