Placing your public key in a dnssec validated DNS record would be a good way to ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		briffle on Nov 13, 2013 \| parent \| context \| favorite \| on: Moving forward on improving HTTP's security Placing your public key in a dnssec validated DNS record would be a good way to replace the validation component done by most CA's.

tptacek on Nov 13, 2013 [–]

If enrolling your key in a PKI controlled by world governments seems like a good replacement for a bad private PKI, yes, by all means, pursue DNSSEC as an alternative.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact