Hmmm, we talked about some of it...
look in the IETF archives on "Global PKI on DNS?"
On Mon, 2003-12-15 at 12:03, Masataka Ohta wrote:
Until PKIs are able to represent the rich diversity of trust
relationships that exist in the real world, they are mere curiosities
with marginal practical value.
PKIs are able to represent the blah blah blah; your software isn't yet
translating that into something that you want to use.
It is not a software issue.
That you can construct a PK structure to represent a set of trust
relationships for some purpose does not mean that there is some
general purpose PKI.
That is, that you must construct a PK structure for every different
purpose is not a software issue but an operational problem too complex
and costly to be solvable.
Shared key cryptography with KDC, either, does not offer the general
purpose infrastructure, though shared key structures are easier to
GPG Key fingerprint = 44A4 8AE4 392A 3B92 FDF9 D9C6 BE79 9E60 81D9 1320
"Toute connaissance est une reponse a une question" G.Bachelard
Description: This is a digitally signed message part