To:
"Eric A. Hall" <ehall@ehsco.com>
Cc:
John Stracke <jstracke@incentivesystems.com>, ietf <ietf@ietf.org>, <isdf@isoc.org>, Key Distribution <keydist@cafax.se>, <openssl-users@openssl.org>
From:
David Conrad <david.conrad@nominum.com>
Date:
Tue, 11 Jun 2002 21:01:07 -0700
In-Reply-To:
<3D06A0A7.9040109@ehsco.com>
Sender:
owner-keydist@cafax.se
User-Agent:
Microsoft-Entourage/10.1.0.2006
Subject:
Re: Global PKI on DNS?
On 6/11/02 6:15 PM, "Eric A. Hall" <ehall@ehsco.com> wrote: >> Why do you think the roots and TLDs would get millions of TCP queries for >> their certs? Why would anyone want to get the certs of the roots or tlds? > Why do you think anybody would cache them long-term if they were right > there handy in the DNS database? Let me try again. Why would anyone care about root or TLD _certificates_? They might be interested in the root or TLD sig/key records but that is a completely different thing and unrelated to cert records. Rgds, -drc