Re: Global PKI on DNS?

> >>  Yes, one could use the DNS merely as a repository for certs from any
> >>  PKI. But, the DNS provides a unique opportunity to take advantage of
> >>  an existing name system that is very widely used and which is
> >>  precisely the way we usually communicate the name of the machine to
> >>  which we wish to connect (or the name of the person to whom we wish
> >>  to send a message).
> >
> >right, but the name is just a shorthand, it doesn't actually specify
> >the service to which we wish to connect.  it's entirely possible that
> >the name-to-service binding has changed without our knowing it,
> >which is why it's *essential* that we don't depend on such names
> >as our primary identity for authentication.
> 
> The name is precisely what we specify to get to the machine (or
> cluster of machines) in question. So long as we use a DNS name for
> that purpose, it makes sense to use a certified DNS name to verify
> that we are connected to the place we said we wanted to contact.

no it doesn't.  because even if the name is what we type in, it's
not what determines whether we actually talked to the service we
wanted to talk to.  it's not what determines whether we trust the results.

> Which services are offered at that machine is a different matter. 

actually the user is rarely concerned about machines these days, he/she 
is almost always concerned with which service he/she is talking to.
the mapping between machines and services is almost arbitrary.

> >What's the point of encouraging people to trust an untrustworthy structure?
> 
> Do you say the structure is untrustworthy because the TLD registrars
> sometimes make mistakes? 

Yes, among other reasons.  
Especially if you mean 'mistakes were made' in the Nixon sense.

But there's also the fairly fundamental problem that if you trust
the DNS PKI you're placing your trust in one or more parties with 
which you have no relationship, and no basis for trusting them.

This trust is abused enough already, but at present the gTLDs 
actually have only the barest of mechanisms for manipulating us.  
Give them more influence and they'll abuse it even more.  

> What else would provide a good PKI basis for the sorts of certs I
> allude to above?

IMHO the very notion of a global PKI is fatally flawed.
OTOH limited-scope PKIs can be quite useful.

Keith

