>Any other issues should be brought forward Also, I see that there's a disclaimer about the semantics of the certificates, but I'm still confused.
At this point, all S/MIME certificates are signed by a CA, and MUAs typically put ugly red marks on message with a cert with an unknown CA. I gather the idea here is that the certs can be self-signed, and they're credible in the absence of a CA signature because the domain is asserting something about them via DNSSEC publication. But it never says that, or anything like that. R's, John _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
