[CC'd to various lists who might be interested]
Someone recently asked on a security list whether there was a simple way of
putting your public key on a web server based on "a set of goals, hopefully
sufficiently unambitious, so one knows what one wants to do very precisely.
Given those, I suspect a decent spec replacing hundreds of pages of currently
'standard' and useless mechanism could be crafted in about 10 to 30 pages)".
My response was "You've just described RFC 4387 :-)". The list reaction was
that no-one had known until then that this document even existed, so I'm
posting this to a couple of lists where people might find it useful.
Don't be mislead by the title (http://www.ietf.org/rfc/rfc4387.txt), it was
published under the auspices of PKIX but it's really "a simple, fairly
universal means of publishing your public key via HTTP". The CACert folks
have set up a Wiki page to cover implementation info, feedback, and comments:
http://wiki.cacert.org/wiki/RFC4387.
(Please, no religious arguments over this: If you think it's useful, implement
it. If not, ignore it).
Peter.