> I would note that the RIPE NCC, while implementing X.509 support, > is moving away from the concept of running their own CA. Their > X.509 support will be very "PGP-like". See the following for details - > http://www.ripe.net/ripe/meetings/ripe-46/presentations/ripe46-db-x509.pdfv
smart. the careful reader might have noted that i did not say i did not like x.509 certs, especially given future sbgp etc. use. there is an rfc out on use of x.509 certs in the web of trust model. randy
