Most of our issues with TLS and CAs is really the market failure on the
browser side of things. We don't have TLSA/DANE support in browsers (or
IPv6-LL) because we have a lack of choices.
We (as a planet) don't understand that we need to spend money on maintenance
of software. The 81% that was Mozilla's take from Google ought to wake us
up.
Not an IETF issue, sadly, though.
--
Michael Richardson <mcr+IETF@xxxxxxxxxxxx> . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
Attachment:
signature.asc
Description: PGP signature
