Richard Barnes <[email protected]> wrote: > > The benefit of this one is that you don't actually need the cert. You > could just provision a public key this way. The binding of the public key > to the identity is done by virtue of the the fact that the web server > represents "example.com". It's conceptually the same as if you had put a > TA in DNSSEC, it just routes through the HTTPS cert.
How do you represent this relationship in a form you can verify offline? Tony. -- f.anthony.n.finch <[email protected]> http://dotat.at/ Forties, Cromarty: East, veering southeast, 4 or 5, occasionally 6 at first. Rough, becoming slight or moderate. Showers, rain at first. Moderate or good, occasionally poor at first. _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
