At 10:42 PM -0700 6/12/02, Einar Stefferud wrote: >May I suggest that someone do a little work on proving the trust is >transitive, as that is what this is really all about, and if it >turns out that trust in not transitive, then what was the point? > >Maybe if you ask Google about trust transitivity, you all might >learn something;-)... > >Cheers..Stef > >PS: I trimmed the address list to just IETF;-)...\s > Stef, Trust generally is not transitive, but cert chains are not about transitive trust. The DNS is a hierarchy with clear lines of authority for name spaces. A PKI modeled on the DNS would parallel the existing hierarchy and merely codify the relationships expressed by it in the form of public key certs. Steve