Then a global PKI protocol server needs to be invented so you can just get the certs from the domain in question. i dont wanna see DNS system bogged down by this stuff. IMHOOC! use dns to get the IP and request from its IP the pki doc.. duh. 6/11/02 6:51:26 PM, Derek Atkins <derek@ihtfp.com> wrote: >David Conrad <david.conrad@nominum.com> writes: > >> Why do you think the roots and TLDs would get millions of TCP queries for >> their certs? Why would anyone want to get the certs of the roots or tlds?