DNSSEC solves none of the problems with the CA system. It just moves the problem around.
> On Oct 7, 2013, at 4:50 AM, Phil Mayers <[email protected]> wrote: > > I have high hopes for raw keys, trust-anchored by DNSSEC via RFC 6698. In > this model, X.509 is essentially just a payload format for certs - the entire > trust model is unused. _______________________________________________ Twisted-Python mailing list [email protected] http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
