@stevelord My problem, I think, is with the fundamentals. Suppose you are a tech enthusiast who wants to use this mode of auth. Now you have to:
- Learn that your keys won't fit into DNS records
- Learn that while you can split your key to multiple records, there is no guarantee the client will concat them in a particular order
- Learn that while you can fall back to shorter key sizes, they may be insecure or require an algorithm that either your tool or the receiver's doesn't support
While you test all this, you also have to consider caching of course.
Did I miss anything?