Re: Global PKI on DNS?

On 6/12/02 8:20 AM, "Eric Rescorla" <ekr(_at_)rtfm(_dot_)com> wrote:

But I can do
this only if I can discover certs that *aren't* either in the set it hands
me or in my local set, and TLS says nothing about how to do this.

Yes, because it's an edge case.


Scalability as an edge case.  Hmm.

We barely have any PKI at all,


Actually, it would appear we barely have a bunch of different,
non-interoperable, non-scalable PKIs.  However, since I'm not a card
carrying credentialed security person, I'm probably mistaken.

I think it's a little early to start
worrying about cross-certification.


I think it is more than a bit late.

Rgds,
-drc

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Global PKI on DNS?, (continued) Re: Global PKI on DNS?, Keith Moore Re: Global PKI on DNS?, Derek Atkins Re: Global PKI on DNS?, David Conrad Re: Global PKI on DNS?, Eric Rescorla Re: Global PKI on DNS?, RL 'Bob' Morgan Re: Global PKI on DNS?, Eric Rescorla Re: Global PKI on DNS?, RL 'Bob' Morgan Re: Global PKI on DNS?, Eric Rescorla Re: Global PKI on DNS?, Jakob Schlyter Re: Global PKI on DNS?, Paul Hoffman / IMC Re: Global PKI on DNS?, David Conrad <= Re: Global PKI on DNS?, Eric Rescorla Re: Global PKI on DNS?, Keith Moore Re: Global PKI on DNS?, RL 'Bob' Morgan Re: Global PKI on DNS?, Keith Moore Re: Global PKI on DNS?, Stephen Kent Re: Global PKI on DNS?, Keith Moore Re: Global PKI on DNS?, Ben Laurie Re: Global PKI on DNS?, Chris Evans Re: Global PKI on DNS?, Einar Stefferud Re: Global PKI on DNS?, Stephen Kent

Previous by Date:	Re: Global PKI on DNS?, Eric Rescorla
Next by Date:	Re: Modems, Craig S. Williams
Previous by Thread:	Re: Global PKI on DNS?, Paul Hoffman / IMC
Next by Thread:	Re: Global PKI on DNS?, Eric Rescorla
Indexes:	[Date] [Thread] [Top] [All Lists]