> When will I get DANE requiring DNSSEC support on my mobile devices?

In theory it should be easy. Not that I expect it to happen because there
is no easy way to make money.

Have an organization like Letsencrypt generate identities like 
identityX.example.com. The user connects their identity in an unspecified
way. Then either the service generates a private key which the user 
downloads and installs or the user generates the key and uploades the
pulbic key. This requires a bit of software on the phone to receive the
private key or to generate one and upload the public key. Not a big
deal.

Then the user uses identityX.example.com in places where authentication is
required like getting access to a private resolver.

It could easily happen if somebody really wants it to happen. The required
app and infrastruct support are not very complex.

The trciky part is connecting a real-world identity to this service. But
that is a problem everywhere.

_______________________________________________
DNSOP mailing list -- [email protected]
To unsubscribe send an email to [email protected]

Reply via email to