I've been doing a bit of work with the .ie registry folks on exactly this and would love to see a way to leverage DNSSEC for acme.
It's early days (in terms of it being real) but we spoke about it when the icann folks were in Dublin recently. [1] And yes, the bit that'd glue dnssec and acme (in that case LE) isn't there yet, but would be great. S. [1] https://meetings.icann.org/en/dublin54/schedule/mon-tech/presentation-iencrypt-19oct15-en.pdf On 30/10/15 02:02, Tony Arcieri wrote: > While DNSSEC could provide a security improvement for this use case, I > wonder how much overlap there is with the prospective audience of Let's > Encrypt and people who have DNSSEC deployed today... > > > > _______________________________________________ > Acme mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/acme > _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
