Richard Barnes <[email protected]> wrote: > Just a thought: It might be simpler to do S/MIME certificate discovery > using WebFinger than using DANE. You would just have to do an HTTPS query > to a URI of the form... > https://example.com/.well-known/webfinger?resource=mailto:[email protected]&rel=certificate > ... then parse a JSON object to find the certificate. As opposed to having > an appropriately upgraded DNS library, being able to do DNSSEC, and parsing > the binary record format.
And this avoids the problem of how to map email addresses into DNS owner names when you don't know enough about the other site's local part semantics. Tony. -- f.anthony.n.finch <[email protected]> http://dotat.at/ Forties, Cromarty: East, veering southeast, 4 or 5, occasionally 6 at first. Rough, becoming slight or moderate. Showers, rain at first. Moderate or good, occasionally poor at first. _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
