Mike, On Sun, Sep 11, 2011 at 8:44 PM, Mike Jones <m...@mikejones.in> wrote: > It will take a while to get updated browsers rolled out to enough > users for it do be practical to start using DNS based self-signed > certificated instead of CA-Signed certificates, so why don't any > browsers have support yet? are any of them working on it?
Chrome v 14 works with DNS stapled certificates, sort of a hack. ( http://www.imperialviolet.org/2011/06/16/dnssecchrome.html ) There are other proposals/ideas out there, completely different to DANE / DNSSEC, like http://perspectives-project.org/ / http://convergence.io/ . Regard, Martin