Viktor Dukhovni wrote:
>
> Well, the UKS issue is rather narrowly applicable to special TLS
> applications in which cross-origin concerns apply. That's
> basically just browsers, and browsers are not doing DANE, and
> certainly not DANE-EE(3).
I believe your concept is much to narrow.
The
On 10 October 2016 at 20:24, Martin Rex wrote:
> The description of the problem sounds vaguely familiar.
>
> https://www.ietf.org/mail-archive/web/dane/current/msg03737.html
If only they had listened eh? And they went ahead and published anyway.
I didn't do a complete search of
On Fri, Aug 26, 2016 at 01:35:52AM +, Viktor Dukhovni wrote:
> Many domain hosting providers that also host the email for the
> customer domains. For a bunch of these providers the MX hosts are
> in a DNSSEC-signed zone, and a non-trivial number of customer MX
> RRsets are also in signed
On 12 October 2016 at 01:45, Martin Rex wrote:
>> Well, the UKS issue is rather narrowly applicable to special TLS
>> applications in which cross-origin concerns apply. That's
>> basically just browsers, and browsers are not doing DANE, and
>> certainly not DANE-EE(3).
>
> I
> On Oct 11, 2016, at 8:31 PM, Martin Thomson wrote:
>
>> I believe your concept is much to narrow.
>
> I tend to agree, though that hinges on your definition of
> "cross-origin". In the web world, that has a very specific meaning.
> What you could say that "if the