On Sep 24, 2012, at 08:17, Richard Barnes wrote:

> On Monday, September 24, 2012 at 3:49 PM, Miek Gieben wrote:
>> [ Quoting <[email protected]> in "Re: [dane] Call for
>> Adoption: draft..." ]
>>
>>> -- I don't really see why we need a new RR type here, beyond the cognitive
>>> dissonance caused by the three letters "TLS".
>>
>> new RRs are cheap. Why not get one?
>
> Why *would* you? The cert/chain matching semantics are the same, the only
> difference is how you get the cert/chain (S/MIME vs. TLS).
>
> New RRs are not *that* cheap. Yes, servers and resolvers usually do let you
> provision arbitrary RR types by number, but that's not nearly as nice as
> having a real syntax, which takes time to develop and deploy. If you've got
> TLSA and you just need people to look for it in a different place, why bother
> going to the effort of making everyone support a new type?

My thoughts exactly.

- m&m

Matt Miller - <[email protected]>
Cisco Systems, Inc.

_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
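
An added illustration of the two points argued in this thread (it is not part of any message above and not code from the draft): the same TLSA record written in its real presentation syntax and as a type provisioned by number in the RFC 3597 generic form, plus a match that depends only on the record and the certificate bytes. The owner name and the certificate bytes are constructed placeholders, and the caller is assumed to have already applied the selector.

```python
import hashlib

TLSA_TYPE = 52  # RR type number assigned to TLSA (RFC 6698)
_DIGESTS = {1: hashlib.sha256, 2: hashlib.sha512}

# Constructed stand-in for DER certificate bytes; not a real certificate.
SAMPLE_CERT = b"constructed stand-in for DER certificate bytes"
SAMPLE_OWNER = "_443._tcp.example.com."  # constructed owner name


def association_data(selected: bytes, mtype: int) -> bytes:
    """Apply a TLSA matching type to already-selected bytes (0 = exact)."""
    if mtype == 0:
        return selected
    if mtype not in _DIGESTS:
        raise ValueError(f"unknown matching type {mtype}")
    return _DIGESTS[mtype](selected).digest()


def tlsa_rdata(usage: int, selector: int, mtype: int, assoc: bytes) -> bytes:
    """Wire-format RDATA: three one-octet fields, then the association data."""
    return bytes([usage, selector, mtype]) + assoc  # bytes() rejects values > 255


def presentation(owner: str, rdata: bytes) -> str:
    """Zone-file line for software that knows the TLSA syntax."""
    usage, selector, mtype = rdata[:3]
    return f"{owner} IN TLSA {usage} {selector} {mtype} {rdata[3:].hex()}"


def generic(owner: str, rdata: bytes, rrtype: int = TLSA_TYPE) -> str:
    """Same record provisioned by number: TYPEnn \\# <length> <hex> (RFC 3597)."""
    return f"{owner} IN TYPE{rrtype} \\# {len(rdata)} {rdata.hex()}"


def matches(rdata: bytes, selected: bytes) -> bool:
    """Match on RDATA and presented bytes only; how the bytes were obtained
    (TLS handshake or S/MIME message) never enters the comparison."""
    if len(rdata) < 4:
        return False
    try:
        return association_data(selected, rdata[2]) == rdata[3:]
    except ValueError:
        return False


if __name__ == "__main__":
    rd = tlsa_rdata(3, 0, 1, association_data(SAMPLE_CERT, 1))
    print(presentation(SAMPLE_OWNER, rd))
    print(generic(SAMPLE_OWNER, rd))
    print(matches(rd, SAMPLE_CERT))
```

Both printed lines carry identical RDATA; the second is what an operator types when the server has no parser for the type.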
