[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

finding public keys

Just to leave aside all these interesting matters of specification 
languages and X.509 versus ... (aside: anyone for re-using the PGP 
formats ? :-) if only for a moment:

How do I find some(body|thing)'s public key ?

This seems to be quite an important question, perhaps the most 
important issue in building a real public key infrastructure, and I'm 
surprised not to have seen much discussion of it either on the PKIX 
list - or this one so far ?  It has, however, been discussed a little 
on the cypherpunks list recently.  Check out the latter stages of the 
"A brief comparison of email encryption protocols" thread in the 
archives - [1].

Seems to me that, if nothing else, it might be useful if this group 
produced an specification which could be followed for looking up 
(somehow) the public key for an entity, given say an associated 
Internet domain name ?  In practice I suppose this could be done in 
such a way as to make it possible to use multiple protocols and 
multiple data structures for public key info, so as to avoid the "my 
X is better than yours" problem - where X is protocol, data format, 
...  Whether this is desirable in the long term is another matter, 
but it might help to get the ball rolling ?

Toodle pip!


[1] <URL:http://www.hks.net/cpunks/cpunks-24/>