Re: Global PKI on DNS?2002-06-08 22:31:18% I was wondering if the best system to build a global PKI wouldn't be the % DNS system already in place? % As others have pointed out, the DNS already has the capability to store certs. So you could use the DNS as a publication method. But is this the only thing a PKI needs? How would one revolke a cert that was in the DNS? How can you update -every- cached copy of the cert in question? For this (among other) reason(s), the DNS can't really be considered a PKI in any real sense. -- --bill
|
|