> > Is there any open source implementation of DANE? Would you please > > share the link (perhaps not to the list to avoid noises but to me > > directly) > > As yet, there is no robust DANE support in mainstream TLS libraries. > > You can find preliminary DANE support based on OpenSSL in: > > https://github.com/vdukhovni/ssl_dane > > This works with OpenSSL 1.0.0 and later. The application is > responsible for all DNSSEC TLSA record lookups, the library uses TLSA > records provided by the application to verify the TLS peer. > > The above is not intended to be supported after DANE is made available > directly in OpenSSL. Also the source is the documentation. > > This is for early adopters only, not a long-term API. > > -- > Viktor.
Thanks a lot! Best, Hosnieh _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
