In your letter dated Mon, 22 Jun 2015 17:24:01 -0700 you wrote: >It's probably of minor importance, since DNS fingerprinting is not the best >primary mechanism to verify a server's host key fingerprint. My experience is that my sites do not have any sensible policy of publishing ssh fingerprints and quite a few admins would quite like to use DNSSEC validated fingerprints. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev