> A PKI modeled on the DNS would parallel
> the existing hierarchy and merely codify the relationships expressed
> by it in the form of public key certs.

so what you're saying is that the cert would mean something like:

"we certify that this key was supplied by a party who gave us money in exchange for our assigning domain name x.y to it. we have no idea who that party really is, whether it is trustworthy, and in particular whether that party can be trusted to manage its keys in such a way as to make compromise unlikely. for that matter, we're not even entirely sure whether the party that gave us money for this domain last time it was renewed was the same as the party that gave us money for the domain in the past. for that matter, we didn't get the money directly from that party, we got it from a registrar who you may or may not be able to trust either. and for that matter, you have no idea whether we are trustworthy. we could be making all of this up, and in fact we're so large and control the trust relationships to so many domains that there is a fair amount of incentive for us to do exactly that under some conditions, but we won't tell you what those are but you should trust us anyway, because we said so"

Keith