On 10/07/2013 09:50 AM, Phil Mayers wrote: > Right now, none are useful in a browser, but personally I have high > hopes for raw keys, trust-anchored by DNSSEC via RFC 6698. In this > model, X.509 is essentially just a payload format for certs Sorry, "payload format for keys".