On 12 October 2016 at 01:45, Martin Rex <[email protected]> wrote: >> Well, the UKS issue is rather narrowly applicable to special TLS >> applications in which cross-origin concerns apply. That's >> basically just browsers, and browsers are not doing DANE, and >> certainly not DANE-EE(3). > > I believe your concept is much to narrow.
I tend to agree, though that hinges on your definition of "cross-origin". In the web world, that has a very specific meaning. What you could say that "if the client doesn't care who it is talking to, or it has some secondary means of validating the identity of a server, then this isn't a concern". In the mail case, I continue to be astonished that this isn't a material problem, but I guess that there really must be these secondary mechanisms. _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
