On second reading (of 8.1.4) it does indeed come down to my concern. Thanks for pointing in that direction !
Marc On Wed, Jan 30, 2013 at 9:41 AM, Marco Davids (SIDN) <[email protected]> wrote: > On 01/30/13 09:11, Marc Lampo wrote: > >> But since domain registration can be quite anonymous >> doesn't this mean that anybody could, if support for TSLA is widespread, >> create https websites that do not cause warning messages to users. > > It does. > > In fact, this is identified as a security consideration (8.1.4) in the RFC. > > -- > Marco > > > _______________________________________________ > dane mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dane _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
