Hi, On Fri, Aug 30, 2019 at 03:08:06PM +0000, Jóhann B. Guðmundsson wrote:
Yep. I wish the use of TLSA was more wide spread. It doesn't require third parties to "certify" who is who.
The third parties that "certify" are for others to establish trust in that you are who you claim to be not because its "required" and the security industry has deemed those who do not atleast get some other entity to validate, not to be worthy of trust.
TLSA does all this, without requiring some other entity that follows their own agenda to "certify" anything. You need to trust the DNS root KSK, of course, but everything else follows the normal DNSSEC chain.
Just because Trump says he's a genius and the "chosen one" does not make him one now does it...
No, but that is slighly missing the point. Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard, Michael Emmer Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279