On 14 February 2016 at 11:40, Phillip Hallam-Baker <[email protected]> wrote: > HPKP in DNS can be rolled out today.
Maybe I'm just dim today, but doesn't that suffer from the same problem as TLSA? HPKP in HTTPS relies on HTTPS providing integrity. Don't you need DNSSEC to get the same result for DNS? _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
