> When will I get DANE requiring DNSSEC support on my mobile devices? In theory it should be easy. Not that I expect it to happen because there is no easy way to make money.
Have an organization like Letsencrypt generate identities like identityX.example.com. The user connects their identity in an unspecified way. Then either the service generates a private key which the user downloads and installs or the user generates the key and uploades the pulbic key. This requires a bit of software on the phone to receive the private key or to generate one and upload the public key. Not a big deal. Then the user uses identityX.example.com in places where authentication is required like getting access to a private resolver. It could easily happen if somebody really wants it to happen. The required app and infrastruct support are not very complex. The trciky part is connecting a real-world identity to this service. But that is a problem everywhere. _______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
