Re: Transfering a domain

[davidk@ISI.EDU]

Rick,

> Rick H. Wesson writes :
> 
> If there is a large global public key ring generated as an artifact of
> manageing the CORE db, it would be in the best interst for this to be
> published and searchable via a trusted third party. IMHO any information
> used by CORE should have some type of WHOIS interface into the repository
> that is publicly available.
> 
> To limit the interactive availablity of this information only to the
> regestries, would IMHO be a disservice to the community at large.
> There is truely no good reason to prevent the folks that run the CORE db
> from publishing this type of information interactively.
> 
> In your design, the end-user must have a published public key to have a domain
> deligated? I feel this may be a bit unreasonable.

Of course the data should be published, I am just a bit paranoid about
adding tasks to CORE. That is the reason why I would probably prefer to
store the keys for review in DNS since CORE needs to generate DNS
configuration files anyway and it seems that DNS is easy to query for
most people. Of course, to be honest, I would not violently oppose a very
light weight whois service that does nothing but giving back the
registered information in the repository (which should only include DNS
configuration data & public keys) with the domain name as the only
possible key. However, any extra service needs to managed and supported
and that is the reason I would choose for the DNS approach which is
working right out of the box and needs to be supported anyway. Note that
the combination of domain name and public key in DNS could give some very
powerful tools for security conscious people while it is easier to access
for software then another non-standard whois would be,

David K.
---