[Cryptography] Certificates and PKI
John Levine
johnl at iecc.com
Mon Dec 22 09:50:07 EST 2014
>But also: DANE puts registries and registrars in the roles of CA and
>RA. If we think CAs are not a good solution, how is it the
>registries/registrars magically are?
We're stuck with them anyway. (For the typical click-a-link that CAs
use, registrars and registries are already in the path.)
While I agree that the diligence of some registrars leaves a lot to be
desired, at least this approach has one less point of failure than the
current one.
R's,
John
More information about the cryptography
mailing list