On Wed, May 22, 2013 at 08:08:07AM -0400, Sean Turner wrote:
> Yeah I was thinking website then smtp and then whatever comes next.
Based on deployment risk, perceived security benefit or gut feel?
For SMTP there is little to no risk, and few barriers to client
deployment (the Exim folks are also implementing, more to follow
I'm sure).
Also far more likely to be universally usable than with browsers,
where the existing PKI will still dominate for a long time. At
the office I am behind an SSL MITM proxy appliance. It will be
some time before the proxy does DANE, and the browser will not be
able to help, the proxy's fake certificates will never match DANE
records...
--
Viktor.
_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
