On 10 October 2016 at 15:35, Viktor Dukhovni <[email protected]> wrote: > For the record, in RFC7671, only DANE-EE(3) was in scope for skipping > identity checks, no similar language is present for DANE-TA(2).
This is correct. The draft goes into this in more detail, and is more correct than my short announcement writeup. Usage 2 is only a problem if implemented incorrectly (and we have no evidence that this is the case anywhere). _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
