Hi Niels,
Am 29.02.2004 um 16:48 schrieb Niels Möller:
Stefan Pfetzing dreamind@dreamind.de writes:
sorry I hope I don't bother you with all these mails in the past...
I think it would be slightly better to use the lsh-bugs@lists.lysator.liu.se mailing list, but I don't mind getting private mail about lsh.
Ok cc'ed the list ;)
do you know if there is some way to store the lsh keys in a ldap directory (the public ones)?
No. Are you thinking about server keys or user keys? Current storage of user keys on the server (~/.lsh/authorized_keys_sha1) is a hack. Storage of host keys on klients, in the form of spki acl:s, is better.
Hm, well I thought of User pubkeys :)
I think getting hostkey fingerprints via dnssec is something I'd give priority above hostkeys via ldap.
Hm, ok this would be fine, when PowerDNS (my preferred DNS server, which gathers its data from LDAP or several other backends) supports dnssec.
bye
Stefan