I have started this thread... Sorry people, I didn't know I will create
so much passion on these lists... I propose that we meet next week at
INET2002 in Washington to draft something. (www.isoc.org/inet2002/)
I have heard the pros and cons of doing it with DNS and I'm well aware
of them. We could discuss ad eternam of what to do, but I suppose now
the best action is to write a draft informational RFC (informational
only!) that proposes a possible methodology to provide a global PKI with
DNS hooks.
If this document exists then it can be read. examined and submitted to
ICANN/IANA for possible implementation, but that's another story... What
is important is that something exists and then see if people are
willing...
I'm sorry but I won't be at the IETF meeting, unless someone invite me
(pay the trip) but I will be in INET2002 and some of you too... So let's
meet there and discuss. We can get a room in INET for discussion.
If some people agree, then I will put a notice on the board at INET.
Cheers.
Franck(_at_)sopac(_dot_)org
On Wed, 2002-06-12 at 20:13, John Stracke wrote:
That's a good point. PKI on DNS might not be the most trustworthy system
imaginable, but it would probably be an improvement over no PKI. Provided
it doesn't break DNS...