Correction: A single global rooted PKI is a bad idea, a single global (in the namespace sense, not a single system) PKI database where we can look up certificates is a good idea.
At 07:39 PM 6/9/2002 -0400, Keith Moore wrote: > > I was wondering if the best system to build a global PKI wouldn't be the > > DNS system already in place? > >A global PKI is a Bad Idea. Nobody is sufficiently trustworthy to be the >root CA. > >Keith ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
