On 4/9/2014 3:36 PM, Dave Cridland wrote:
DNSSEC, and DANE, allow you to provide a "Domain Validated" public key, much like the cheap/free certificates currently available from CAs, but more reliably and simply. I think the same level of trust is there either way, except that the cheap/free CA certs are very weakly validated in practise.
What deployment and use has DANE achieved, so far? d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net