--- "Hallam-Baker, Phillip" <pbaker(_at_)verisign(_dot_)com> wrote:
I see two near term applications:
2) As an end to end signature in addition to edge signature
The main reason one would only use q=xkms without a DNS fallback in this
circumstance would be precisely to ensure that the signatures are not
interpreted by incomming edge servers.
Would you call this a back-door replacement for S/MIME and PGP - since
presumably the "ends" are likely to be UAs rather than edge servers? If so, why
burden an edge-protocol, as you put it, with an end-to-end requirement?
The point being, 2) doesn't seem relevant to our task.
That leaves 1) which shows xmks as an adjunct to DNS rather than an
alternative.
Mark.