FYI, I've now updated this page of DANE test sites to add a couple of more that were sent to me and to break it out according to the different types of sites:
http://www.internetsociety.org/deploy360/resources/dane-test-sites/ I put the sites in different categories based on what I could see using my browser. Please feel free to let me know if you don't think I categorized your site correctly. I'm also glad to keep adding more sites, too, if you let me know about them. Regards, Dan P.S. And yes, I'll work on getting the Deploy360 site (well, the larger ISOC site of which Deploy360 is a part) to have a TLSA record, too. This was part of why I was asking about tutorials to help people understand how to publish TLSA records. I don't control the DNS or the web server for the site, and so I need a simple step-by-step process I can forward to the IT team responsible for the site. On Oct 4, 2012, at 9:34 AM, Dan York wrote: > > On Oct 3, 2012, at 5:11 AM, Nikos Mavrogiannopoulos wrote: > >> Are there any test or even real world https sites that support DANE? > > So that this excellent list of test sites can be easily found for others, > I've added a page to our Deploy360 site listing out all the sites mentioned > so far: > > http://www.internetsociety.org/deploy360/resources/dane-test-sites/ > > If you have other sites publishing TLSA records right now that you would like > me to list, please contact me and I'll be glad to add it. In particular it > would be interesting to list other invalid/broken sites that people could use > for testing. > > It also strikes me that it might be interesting to break the list of test > sites out into: > > - HTTP - Valid TLSA Record with Valid CA-Certified TLS Certificate > - HTTP - Valid TLSA Record with Valid Self-Signed TLS Certificate > > I'm also wondering about this case: > > - HTTP - Valid TLSA Record with Invalid CA-Certified TLS Certificate (ex. > Paul's site where the CA-cert hasn't been renewed) > > Which of course also brings up: > > - HTTP - Valid TLSA Record with Invalid Self-Signed TLS Certificate > > It seems to be that it would be useful if test sites were out there for all > those cases. Are there other test cases for which sites would be useful? > > Also, if anyone has test sites using protocols other than HTTP I would be > glad to add those, too. > > Regards, > Dan > > -- > Dan York [email protected] > http://www.danyork.me/ skype:danyork > Phone: +1-802-735-1624 > Twitter - http://twitter.com/danyork > > > > _______________________________________________ > dane mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dane -- Dan York [email protected] http://www.danyork.me/ skype:danyork Phone: +1-802-735-1624 Twitter - http://twitter.com/danyork
_______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
