On Mar 1, 2021, at 5:36 AM, Eric Rescorla <[email protected]> wrote: > I don't necessarily object to having this be TLSA, but given that we are > standardizing > a record whose precise purpose is to signal what services are available at a > given > location, it seems to me natural to use that.
+1. I used TLSA because PaulW had proposed it and no one objected to the proposal, but a new purpose-built signal seems fine. Having said that, I'm a bit hesitant if that new signal also recreates TLSA semantics for the public key, given how hard it was for the DANE WG to settle on those, but maybe it won't be so rough this time (or maybe we can use TLSA for the public key info). --Paul Hoffman
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
