Posted Nov 12, 2007 18:55 UTC (Mon) by copsewood (subscriber, #199)
In reply to: Email privacy by man_ls
Parent article: Email privacy
If the key certificate is in the DNS and you trust the certificate chain
down through the DNS tree from the root at the TLD, then you
can establish a measure of trust in the key that I publish in the DNS zone for my domain
genuinely belongs to me, because it was signed by the higher level domain key when I
registered or renewed the domain.