Re: Global PKI on DNS?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, 8 Jun 2002, Michael Richardson wrote:
> >>>>> "Franck" == Franck Martin <franck@sopac.org> writes:
>     Franck> I was wondering if the best system to build a global PKI wouldn't be the
>     Franck> DNS system already in place?
> 
>     Franck> The root servers would share the ROOT Certificates and would sign a
>     Franck> certificate to each .org .com .net .fr,... managers of this
>     Franck> domains...Which in turn would use these certificates to sign sub
>     Franck> domains 
>     Franck> certificates...
> 
> Please see the minutes from the "siked" BOF from #53... oops, none produced.
> 
> http://www.ietf.org/ietf/02mar/siked.txt
> and the mailing list at keydist@cafax.se.

I think this was when Randy Bush (with Ops & Mgmt Area Director hat on)  
said that certificates will not be stored in DNS; keys.. if you really 
want, why not (but if you don't understand the difference between keys 
and certificates, be quiet).

Or at least that was how I remember how it went.

-- 
Pekka Savola                 "Tell me of difficulties surmounted,
Netcore Oy                   not those you stumble over and fall"
Systems. Networks. Security.  -- Robert Jordan: A Crown of Swords


[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]