Charles,

On 1/13/11 11:41 AM, Charles Lindsey wrote:
>
> The question of making the public key available is entirely orthogonal to
> that core protocol. The DSN mechanism is fine for some applications,
> especially where the lifetime of the signature is at most a few weeks. But
> other means of publicising (and especially of authenticating) public keys
> are also in widespread current use and there is nothing in the core
> protocol that would prevent their use in other applications where they
> were more suitable.
>
> So DOSETA should provide for multiple plug-in key storage mechanisms in
> just the same way as it provides for multiple plug-in canonicalizations.
> By all means include the current DNS method as plug-in-key-management #1.
>
While perhaps this is an entertaining idea (I was particularly entertained since it seems to take my notion of generalization far beyond where I might have taken it), absent an application I have a difficult time supporting it. And even if you had an application, I would be initially disinclined to go this far, simply because generalization comes with the cost of a loss of specific optimization and often some amount of (sometimes substantial) overhead. Further, we don't really get a good view of what to generalize without substantial operational experience with disparate use cases.

Eliot
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
