I support the wg adopting this draft. It needs a bit of work and discussion; such work is relevant here and worth doing.
In ยง2.1.2 it has what looks like a copy-paste error, where it labels Selector 2 as DANE-TA, whereas in both rfc 6698 and the acronyms draft that is unassigned. The IPSECA record here is identical to a TLSA except only in name. If it does not need anything more than TLSA offers, why not just use TLSA? (Even if the answer is that that is the only way to signal ipsec vs tls, it needs discussion.) -JimC -- James Cloos <[email protected]> OpenPGP: 0x997A9F17ED7DAEA6 _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
