Re: Global PKI on DNS?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



At 10:42 PM -0700 6/12/02, Einar Stefferud wrote:
>May I suggest that someone do a little work on proving the trust is 
>transitive, as that is what this is really all about, and if it 
>turns out that trust in not transitive, then what was the point?
>
>Maybe if you ask Google about trust transitivity, you all might 
>learn something;-)...
>
>Cheers..Stef
>
>PS:  I trimmed the address list to just IETF;-)...\s
>

Stef,

Trust generally is not transitive, but cert chains are not about 
transitive trust. The DNS is a hierarchy with clear lines of 
authority for name spaces. A PKI modeled on the DNS would parallel 
the existing hierarchy and merely codify the relationships expressed 
by it in the form of public key certs.

Steve


[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]