DNSSEC and PKI
Posted Jun 23, 2011 12:36 UTC (Thu) by david.a.wheeler
In reply to: DNSSEC and PKI
Parent article: On keys and users
Yes, I completely agree that DNSSEC can provide a basis for a simple-to-use PKI.
I wrote Easier Email Security is on the Way? back in 2002, outlining this. I think you could use DNSSEC to get keys for domains, and then other protocols (such as LDAP) to get public keys for individual users.
It's sad that it's taken so long to get DNSSEC mature. But it's finally starting to get out there. It's finally becoming possible.
to post comments)