On Tue, 25 Sep 2012, Warren Kumari wrote:
> Something that would be very helpful for getting this deployed /
> implemented in browsers is number of folk (and more importantly,
> organizations) stating that they are planning on / would do DANE if
> the browsers supported it natively. Of course, even more helpful would
> be folk actually publishing TLSA records :-P
Well, we (torproject.org) already are publishing TLSA records for
www.torproject.org and a bunch of other https enabled services, and our
users have been targeted with rogue CA-issued certs in the past.
Browsers actually using the record would be really good news.
I have also put TLSA records for my other we (debian.org), but most of
them are less end-user targeted and more targeted to people involved in
the development of Debian. But still, more deployed records!
Cheers,
Peter
--
| .''`. ** Debian **
Peter Palfrader | : :' : The universal
http://www.palfrader.org/ | `. `' Operating System
| `- http://www.debian.org/
_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
