On Oct 3, 2012, at 5:11 AM, Nikos Mavrogiannopoulos wrote: > Are there any test or even real world https sites that support DANE?
So that this excellent list of test sites can be easily found for others, I've added a page to our Deploy360 site listing out all the sites mentioned so far: http://www.internetsociety.org/deploy360/resources/dane-test-sites/ If you have other sites publishing TLSA records right now that you would like me to list, please contact me and I'll be glad to add it. In particular it would be interesting to list other invalid/broken sites that people could use for testing. It also strikes me that it might be interesting to break the list of test sites out into: - HTTP - Valid TLSA Record with Valid CA-Certified TLS Certificate - HTTP - Valid TLSA Record with Valid Self-Signed TLS Certificate I'm also wondering about this case: - HTTP - Valid TLSA Record with Invalid CA-Certified TLS Certificate (ex. Paul's site where the CA-cert hasn't been renewed) Which of course also brings up: - HTTP - Valid TLSA Record with Invalid Self-Signed TLS Certificate It seems to be that it would be useful if test sites were out there for all those cases. Are there other test cases for which sites would be useful? Also, if anyone has test sites using protocols other than HTTP I would be glad to add those, too. Regards, Dan -- Dan York [email protected] http://www.danyork.me/ skype:danyork Phone: +1-802-735-1624 Twitter - http://twitter.com/danyork
_______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
