Public storage for public keys
Jakob Schlyter
jakob at crt.se
Tue Jan 15 21:15:26 EST 2002
On Mon, 14 Jan 2002, Michael Tokarev wrote:
> > > how can you trust ldap?
> >
> > LDAP over TLS could be usable. not very scalable though.
>
> There is no need to have scalable backend for this sort of
> things.
multiple key distribution points is probably need for this to work,
otherwise you are toast when your ldap-server is done.
how do you set up trust for the tls session? how do I find which ldap
server(s) to query for host foo.example.com? what query do I make and
what attributes should I look for?
I'm not saying there are no answers to these questions, just that someone
has to document how this is supposed to work and present a working
solutions for this (i.e. running code).
jakob
More information about the openssh-unix-dev
mailing list