Re: dnssec-trigger + GNOME + NetworkManager integration

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 2015-07-03 at 15:43 +0200, Petr Spacek wrote:
> For the record, and all this can be solved by DNSSEC + DANE. See RFC 
> 6698.

I was planning to use DANE as a second required check in addition to
the normal certificate chain. That is, if either the certificate chain
doesn't check out or DANE fails, then something is spooky and the site
should be inaccessible. Other browsers are throwing around ideas about
using DANE to make the site accessible in the event the certificate
chain fails, which seems like the wrong direction to me. I haven't
really seen any good arguments in favor of one approach or the other,
though.

Michael
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux