by y0ghur7_xxx 4346 days ago
> No, DNSSEC has nothing to do with CAs. Each DNS authority defines its own keys used to sign its records.

which in turn must be signed by the zone operator (e.g. Verisign for .com) who publishes them in DNS. So we still have Central Authorities - in the sense that there is still some overlord controlling everything.
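The parent-to-child link discussed above, as an added example that is not part of the original comment: in DNSSEC the parent zone publishes and signs a DS record, which is a digest of the child zone's key-signing DNSKEY (RFC 4034), and a validator accepts the child's key only if it matches. The zone name and the 32-byte public key are constructed sample values, and signature verification of the DS record itself is left out.

```python
import hashlib
import struct

def wire_name(name: str) -> bytes:
    """Canonical wire form of a domain name: lowercase, length-prefixed labels."""
    labels = [l for l in name.lower().rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def dnskey_rdata(flags: int, protocol: int, algorithm: int, public_key: bytes) -> bytes:
    """DNSKEY RDATA layout: flags (2 bytes), protocol, algorithm, public key."""
    return struct.pack("!HBB", flags, protocol, algorithm) + public_key

def key_tag(rdata: bytes) -> int:
    """Key tag checksum over the DNSKEY RDATA (RFC 4034, Appendix B)."""
    acc = 0
    for i, byte in enumerate(rdata):
        acc += byte if i & 1 else byte << 8
    acc += (acc >> 16) & 0xFFFF
    return acc & 0xFFFF

def make_ds(owner: str, rdata: bytes) -> dict:
    """What the parent zone publishes for a child key (digest type 2 = SHA-256)."""
    digest = hashlib.sha256(wire_name(owner) + rdata).hexdigest()
    return {"key_tag": key_tag(rdata), "algorithm": rdata[3],
            "digest_type": 2, "digest": digest}

def ds_matches(owner: str, rdata: bytes, ds: dict) -> bool:
    """Validator side: does the child's DNSKEY match the parent's DS record?"""
    return ds.get("digest_type") == 2 and make_ds(owner, rdata) == ds

# Constructed sample: a KSK (flags 257, protocol 3) with algorithm 15 (Ed25519)
# and a made-up 32-byte public key. Not a real zone key.
SAMPLE_OWNER = "example.com."
SAMPLE_RDATA = dnskey_rdata(257, 3, 15, bytes(range(32)))
SAMPLE_DS = make_ds(SAMPLE_OWNER, SAMPLE_RDATA)

if __name__ == "__main__":
    print("DS published by parent:", SAMPLE_DS)
    print("child key accepted:", ds_matches(SAMPLE_OWNER, SAMPLE_RDATA, SAMPLE_DS))
    # A key the parent never vouched for fails the same check.
    other = dnskey_rdata(257, 3, 15, bytes(32))
    print("substituted key accepted:", ds_matches(SAMPLE_OWNER, other, SAMPLE_DS))
```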