On May 30, 2013, at 4:39 PM, Ben Laurie <[email protected]> wrote: > On 30 May 2013 15:37, Warren Kumari <[email protected]> wrote: >> As an example, the Diginotar incident. If a site has a DV (or whatever other >> cert) and were using DANE, the attacker (who we assume has on the wire MITM >> capabilities) would not be able to actually *use* the cert. > > You are imagining a future in which browsers suddenly decide that > out-of-band checking is acceptable, which seems unlikely to actually > occur other than in fantasy.
Why?
_______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
