[ih] DNS turtles, DKIM history, was IETF relevance (was Memories of Flag Day?)

[John Levine]

It appears that Michael Thomas via Internet-history <enervatron at gmail.com> said:
>For my part, I think that we should make new work prove to the security 
>area that they actually need to use certs at all. They are archaic for 
>conditions that just don't apply these days since everything is online 
>now which wasn't the case when they were first developed 40 years ago. 
>It's really unfortunate that the magical thinking about them still 
>persists to this day.

We definitely agree there.  Let's Encrypt and the turtles tell us that in
practice everyone else agrees, too, even beyond the question of how much
you care about the name.

I suppose they still make sense in private environments where you have one
root signer which has a real relationship to the entities whose certs they
sign and know the entities' names, but that's pretty niche these days.

R's,
John