Ägypten web-site update
Simon Josefsson
jas@extundo.com
Fri Oct 12 21:09:01 2001
Michael Häckel <Michael@Haeckel.Net> writes:
> Hi,
>
> I think in general this structure looks well, from the point of view
> of KMail, besides this LDAP issue.
[snip]
<shameless plug>
For finding certificates and CRLs, DNS can also be used, in particular
the CERT RR. Gnus support this scheme since a year. It seemed as if
LDAP was a design requirement for you, but it may be interesting to
consider DNS as well, I believe it solves alot of the practical
problems present with LDAP.
Some references:
Cert RR spec:
http://www.ietf.org/rfc/rfc2538.txt
Using the CERT RR for S/MIME:
http://www.ietf.org/internet-drafts/draft-josefsson-pkix-dns-00.txt
Alternative approach:
http://www.ietf.org/internet-drafts/draft-schlyter-appkey-00.txt
How SSH use this approach for their keys:
http://www.ietf.org/internet-drafts/draft-ietf-secsh-dns-key-format-00.txt
</shameless plug>