DNSSEC solves none of the problems with the CA system. It just moves the problem around.
> On Oct 7, 2013, at 4:50 AM, Phil Mayers <p.may...@imperial.ac.uk> wrote: > > I have high hopes for raw keys, trust-anchored by DNSSEC via RFC 6698. In > this model, X.509 is essentially just a payload format for certs - the entire > trust model is unused. _______________________________________________ Twisted-Python mailing list Twisted-Python@twistedmatrix.com http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
