On Feb 5, 2014, at 7:17 AM, Osterweil, Eric <[email protected]> wrote:

> Specifically, DANE is (imho) an excellent example of a standard architecture for
> certificate discovery using DNS.

As has been noted in many places over the past few decades, using the DNS for 
information delivery vs. information discovery are very different things. Jakob 
and I have chosen to go with the standard assumption that the DNS is for 
information delivery, and other protocols (these days, mostly HTTP) can be used 
for information discovery.

If the DANE WG wants to change this, and the IETF at large agrees, we can 
certainly walk down that path, both with this document and with TLSA itself.

--Paul Hoffman
_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
