Re: Global PKI on DNS?

To: Keith Moore <moore at cs.utk.edu>, Franck Martin <franck at SOPAC.ORG>
Subject: Re: Global PKI on DNS?
From: Michael StJohns <mstjohns at mindspring.com>
Date: Sun, 09 Jun 2002 17:33:32 -0700
Cc: openssl-users at openssl.org, ietf at ietf.org, isdf at isoc.org
In-reply-to: <200206092339.g59NdPn24996@astro.cs.utk.edu>
References: <(Your message of "08 Jun 2002 13:22:28 -0000.") <1023542548.17232.30.camel@flinux.sopac.org.fj>
Sender: owner-ietf at ietf.org

Correction: A single global rooted PKI is a bad idea, a single global (in the namespace sense, not a single system) PKI database where we can look up certificates is a good idea.

At 07:39 PM 6/9/2002 -0400, Keith Moore wrote:

> I was wondering if the best system to build a global PKI wouldn't be the
> DNS system already in place?

A global PKI is a Bad Idea.  Nobody is sufficiently trustworthy to be the
root CA.

Keith

Follow-Ups:
- Re: Global PKI on DNS?
  - From: Keith Moore

References:
- Global PKI on DNS?
  - From: Franck Martin
- Re: Global PKI on DNS?
  - From: Keith Moore

Prev by Date: Re: Global PKI on DNS?
Next by Date: Re: Global PKI on DNS?
Previous by thread: Re: Global PKI on DNS?
Next by thread: Re: Global PKI on DNS?
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.

Re: Global PKI on DNS?

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.