Public storage for public keys

[Frank Cusack]

On Mon, Jan 14, 2002 at 03:24:08PM -0800, Jason Stone wrote:
> You _could_ use DNSSEC to distribute the keys, and I'm interested in why
> this ended up being rejected?

I'm not that familiar with dnssec, is it possible for the ssh client to
know that dns lookups are via dnssec and not "just dns"?  If not, this
sounds like a very bad idea.

If there were a call getkeybyname() and that call only returned success
if dnssec were used, that might be ok.  dunno.

/fc