[cryptography] Request - PKI/CA History Lesson - the definition of trust

Jeffrey Goldberg jeffrey at goldmark.org
Tue May 6 00:47:48 EDT 2014


On 2014-05-05, at 1:12 PM, <pjklauser at gmail.com> <pjklauser at gmail.com> wrote:

> -----Original Message-----
> From: Jeffrey Goldberg [mailto:jeffrey at goldmark.org] 

>> Just because you are talking to the right IP address doesn't mean
>> you are talking the right host.
> 
> You're right yes ( I did forget :), but if a DNS can somehow guarantee a
> correct "hostname->IPAddress" mapping, then it can also guarantee a correct
> "hostname->public key" ( or self signed certificate) mapping.

Ah. OK. Thanks for spelling that out for me. Now it makes sense.

Cheers,

-j




More information about the cryptography mailing list