On Thu, 26 Aug 2010, [email protected] wrote:
> as previously mentioned, somewhere back behind everything else ... there
> is strong financial motivation in the sale of the SSL domain name digital
> certificates.
>
While I am *not* arguing that point, per se, if having a
better solution would require, or would have required, no
more investment than the accumulated profits in the sale
of SSL domain name certs, we could have solved this by now.
Currently, the IETF keyassure WG is working on specifying how to use DNS(SEC)
to put the certs in the DNS to avoid the entire CA authentication.
It seems to be deciding on certs (not raw keys/hashes) to simplify and re-use
the existing TLS based implementations (eg HTTPS)
Paul
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [email protected]
