Am 04.07.2014 um 00:25 schrieb Garrett Wollman <[email protected]>:
> <<On Fri, 4 Jul 2014 00:14:48 +0200, Daniel Roethlisberger <[email protected]> > said: > >> [1] There is no such thing as a perfect CA bundle (i.e. both >> secure *and* usable) given how broken the whole CA system is >> these days. > > So is anyone working on DANE support in libfetch and other base-system > utilities? Let's lead on this rather than just flaming about how CAs > suck…. +1 DANE is the route to go in the future. It perfectly matches the use case discussed here. Axel --- PGP-Key:29E99DD6 ☀ +49 151 2300 9283 ☀ computing @ chaos claudius _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
