On Sep 12, 2012, at 4:44 PM, Paul Wouters <[email protected]> wrote:
> On Wed, 12 Sep 2012, Marco Davids (SIDN) wrote: > >> On 08/23/12 20:02, Paul Wouters wrote: >> >>> I put up the xpi as well, you can grab it at: >>> http://people.redhat.com/pwouters/mozilla-extval-0.7.xpi >> >> I like it. >> >> However, there might be room for improvent in the wording of the the >> messages. >> >> I deliberately broke the TLSA record (https://forfun.net/) and the >> message is (in green): >> >> "Domainname is secured by DNSSEC and the certificate is validated by CA." >> >> Both true, but as a paranoid user, I would have appreciated a little bit >> more information, like: >> >> "... but the certificate did not pass a DANE check" >> >> (or something similar) > > It should do that. When I check your domain it tells me there is no TLSA > record, but I checked all name servers and it is there (and incorrect) > > I'll add it on my TODO list :) Awesome, thank you Paul…. Just wanted to mention again that this is great…. W > > Paul > _______________________________________________ > dns-operations mailing list > [email protected] > https://lists.dns-oarc.net/mailman/listinfo/dns-operations > dns-jobs mailing list > https://lists.dns-oarc.net/mailman/listinfo/dns-jobs > _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
