Re: Global PKI on DNS?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, 08 Jun 2002 13:22:28 -0000, Franck Martin said:

> I was wondering if the best system to build a global PKI wouldn't be the
> DNS system already in place?

No.

1) There's *NOT* a good mapping between the DNS and LDAP (hint - DN=, O=,
and OU+ can be at the same level...)

2) DNS has to be *FAST*, especially at the root - we're talking on the
order of 200K queries a *SECOND*.  You figure out how to do that while
also tossing certificates around, let us know...
-- 
				Valdis Kletnieks
				Computer Systems Senior Engineer
				Virginia Tech

Attachment: pgp00076.pgp
Description: PGP signature


[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]