Yep. DNS-based Authentication of Named Entities (DANE): http://tools.ietf.org/html/draft-ietf-dane-protocol-06

I'm glad DNS has been getting a lot of love lately. I just wish people would realise what other cool stuff it's useful for. :)

I knew I didn't just invent the sliced bread there. I'm happy to see that the draft is from march 2011 though, so at least I wasn't years behind.

Now if only we could get DNSSEC going.

Well it was first drafted in 2002, and Jakob Schlyter actually wrote about it recently: http://www.circleid.com/posts/20110327_death_of_the_pki_drag...

Along the same lines Google recently launched a DNS based service for certs it knows about: http://googleonlinesecurity.blogspot.com/2011/04/improving-s...

DNSSEC is now deployed at the root level for .com/.net/.org/.edu/.gov.

This presentation by DJB talks about DNSSEC a lot: http://news.ycombinator.com/item?id=2047794