User: Password:
Subscribe / Log in / New account



Posted Jun 23, 2011 12:36 UTC (Thu) by david.a.wheeler (subscriber, #72896)
In reply to: DNSSEC and PKI by copsewood
Parent article: On keys and users

Yes, I completely agree that DNSSEC can provide a basis for a simple-to-use PKI. I wrote Easier Email Security is on the Way? back in 2002, outlining this. I think you could use DNSSEC to get keys for domains, and then other protocols (such as LDAP) to get public keys for individual users.

It's sad that it's taken so long to get DNSSEC mature. But it's finally starting to get out there. It's finally becoming possible.

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds