>
> I thought we had a message exchange on the topic and agreed that SPKI
> was out of scope. My concern is that we keep talking as though the
> syntax of a cert is at the heart of this problem, which I think is
> just plain wrong. That's why a document like RFC 4398 is irrelevant.
> Defining a format for storing any form of cert in the DNS is trivial,
> because the DNS is not making use of the content to make decisions. In
> contrast many of the proposed TAM use cases DO need to pay attention
> to the contents of TAs (whether they be certs or not), in order to
> support meaningful TA management.
>
>
Could you elaborate on one or two use cases where the content of the TA
is essential.To me this is absolutely critical to figure out - if you
are right there is a real risk that TAM won't be properly layered on
top of things like X.509, SPKI, PGP.
Cheers Leif
