DANE allows to verify the server certificates for HTTPS connections via DNS. This allows to connect to servers without having a CA certificate pool installed - well, *if* the the site admin prepared the DNS entry for DANE (with so called TLSA records).
WARNING: Without DNSSEC, MITM attacks can't be detected when using DANE. DANE is still an experimental feature and needs to be enabled via the `--dane` CLI option. Have fun playing with it. Any feedback is highly appreciated. See also https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities https://gitlab.com/gnuwget/wget2/-/issues/627 https://gitlab.com/gnuwget/wget2/-/merge_requests/522 Regards, Tim
OpenPGP_signature
Description: OpenPGP digital signature
