OpenPGP data in the CERT RR

Matthew Byng-Maddick gnupg at
Wed Aug 7 10:44:02 CEST 2002

On Wed, Aug 07, 2002 at 01:50:29AM +0200, Simon Josefsson wrote:
> IN PGP ...
      Out of interest, why use the IN namespace at all?

OpenPGP does not have to be "Internet Network" related, even though it
is on the IETF standards-track.

I also ought to register my dislike of the whole twisting of the DNS to
serve up arbitrary PGP data. I'm really not fond of the use of CNAMEs and
other such meaningful (for hosts at least) RRs to do this. Not that I have
any influence, but it's a point of view. Especially as I know, off the top
of my head at least one case where the "represent the email address as you
would in an SOA" trick that you're talking about wouldn't work:
  Ben Laurie's canonical email address is: ben at
  try looking up the SOA RR for, and you'll find that it

This is, IMHO, a showstopper for the use of CNAMEs.


Matthew Byng-Maddick         <mbm at> 

More information about the Gnupg-devel mailing list