To:
"John Stracke" <jstracke@incentivesystems.com>
cc:
ietf <ietf@ietf.org>, isdf@isoc.org, Key Distribution <keydist@cafax.se>, openssl-users@openssl.org
From:
Keith Moore <moore@cs.utk.edu>
Date:
Wed, 12 Jun 2002 17:57:52 -0400
In-reply-to:
(Your message of "Wed, 12 Jun 2002 16:13:51 EDT.") <OF0F8D4CAB.B14112E7-ON85256BD6.006EB01F@incentivesystems.com>
Sender:
owner-keydist@cafax.se
Subject:
Re: Global PKI on DNS?
> >We're already trusting chains of signficant length (i.e. DNS delegation) > >with no decent verification at all. > > That's a good point. PKI on DNS might not be the most trustworthy system > imaginable, but it would probably be an improvement over no PKI. Provided > it doesn't break DNS... and also provided people don't say "hey, now there's a PKI, so I really can trust it!" Keith