[pilif]

I knew I didn't just invent the sliced bread there. I'm happy to see that the draft is from march 2011 though, so at least I wasn't years behind.

Now if only we could get DNSSEC going.

[wibblenut]

Well it was first drafted in 2002, and Jakob Schlyter actually wrote about it recently: http://www.circleid.com/posts/20110327_death_of_the_pki_drag...

Along the same lines Google recently launched a DNS based service for certs it knows about: http://googleonlinesecurity.blogspot.com/2011/04/improving-s...

DNSSEC is now deployed at the root level for .com/.net/.org/.edu/.gov.