On 11/6/2013 6:29 PM, Marco Davids (SIDN) wrote:
For those of you who prefer a somewhat more simple approach, there is
still:
https://check.sidnlabs.nl/dane/
This is a potentially useful adjunct for clients that don't do DANE
validation.
BUT
This is the answer for NIST.gov:
Warning! No TLSA records for _443._tcp.inside.nist.gov. were found.
PKIX validation without DANE will be performed.
129.6.13.244 dane-validated successfully
Maybe you should say that the certificate PKIX validated, rather than
saying that DANE validated successfully, since there is no TLSA record?
Stephen.
_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
