On Sun, 7 Oct 2012, Nikos Mavrogiannopoulos wrote:
At least 3 host names in the list of DANE test sites do not use DNSSEC. http://www.internetsociety.org/deploy360/resources/dane-test-sites/
The fedoraproject.org and nohats.ca one require you enable DLV to get a full DNSSEC chain that can be validated.
Indeed, and this is why only the SubjectPublicKeyInfo should have been defined.
I tried :) Paul _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
