-----BEGIN PGP SIGNED MESSAGE----- A while ago, Peter Trei <trei@toad.com> said:

Don Eastlake has actually done a draft RFC on using the DNS for key distribution.

It may be found at

ftp://ietf.cnri.reston.va.us/internet-drafts/draft-ietf-dnssec-secext-04.txt [snip]

I'm sure everyone agrees that a 5 meg keyfile is a bit big, but has anyone considered working on the QUALITY of the keyfile instead of making it easier to retrive QUANTITIES of keys.. Ie: What about creating one big web of trust out of current keys. Or maybe allowing keys only if they have some connection to some other key previously submitted, or simultaneously submitted. Currently, having one big keyfile creates the impression that keys distributed over a keyserver are more valid. In a sense they are, but only because someone who's being spoofed could learn of the key that is supposedly theirs. However, there's really no reason to trust a key as anything but a nym unless it's signed by someone in _your_ web of trust. I believe that modifying keyservers to accept only keys that are linked to currently known keys would encourage everyone to become part of that web of trust. After all, the public key of a nym can be obtained from the nym themself. Anybody have any thoughts on this? Don -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQB1AwUBMEF2psLa+QKZS485AQHo/QL9GIEsboNghINgrzE5mnW/2d9i/sn4tgzw 5Ne9zerIdT0QcUWOI/ETw4pYMf8CBPD7iSU1oHxv+qoa/vgxGJCPW9fKYKPURYzE Aev2zw5Js4BnQqYKhhvPpnEEsGqnuuAd =0h+o -----END PGP SIGNATURE----- <don@cs.byu.edu> fRee cRyPTo! jOin the hUnt or BE tHe PrEY PGP key - http://bert.cs.byu.edu/~don or PubKey servers (0x994b8f39) June 7&14, 1995: 1st amendment repealed. Death threats ALWAYS pgp signed * This user insured by the Smith, Wesson, & Zimmermann insurance company *