LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

DNSSEC and PKI

DNSSEC and PKI

Posted Jun 23, 2011 12:36 UTC (Thu) by david.a.wheeler (guest, #72896)
In reply to: DNSSEC and PKI by copsewood
Parent article: On keys and users

Yes, I completely agree that DNSSEC can provide a basis for a simple-to-use PKI. I wrote Easier Email Security is on the Way? back in 2002, outlining this. I think you could use DNSSEC to get keys for domains, and then other protocols (such as LDAP) to get public keys for individual users.

It's sad that it's taken so long to get DNSSEC mature. But it's finally starting to get out there. It's finally becoming possible.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds