Many years ago, for my master’s thesis, I worked on evaluating using the DNS to store certificates. I eventually ended up fixing several problems in RFC 2538 in a document that became RFC 4398. Using CERT records to store certificates haven’t really taken off, but now I’m happy to see work in this area: Dan Mahoney has blogged about How to publish PGP keys in DNS. Nice work!