> On Aug 27, 2016, at 8:51 AM, Rene Renne Bartsch ([email protected])
> <[email protected]> wrote:
>
> We should do some lobbying with browser vendors to get attention from the
> masses. It will help DANE if requested by users. ;-)
>
> What TLS-libraries do other browsers use? What other TLS-libraries other than
> OpenSSL do support DANE-TLS?
>
> Mozilla Firefox -> NSS
> Google Chrome/Chromium -> BoringSSL
Browsers are I think unlikely to support DANE quite yet. They
probably need DNSSEC stapling standardized and implemented in
HTTP servers (nginx, Apache, IIS, ...) before enabling DANE
support in browsers is worth the effort.
Browsers all too often find themselves in environments that
are hostile to client DNSSEC access, so DANE without stapling
is I think not an option for browsers now or for many years
forward.
--
Viktor.
_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
