https://bugzilla.mindrot.org/show_bug.cgi?id=2217
--- Comment #4 from Jeremy Saklad <stadium-cyclops...@icloud.com> --- I agree that SVCB is the way to go in the future. One nuance: in keeping with <https://datatracker.ietf.org/doc/draft-ietf-dnsop-svcb-dane/>, I think SSHFP records should be requested for the target server, and only used if the SVCB records are also secured with DNSSEC. SSHFP records could also be designated for automatic retrieval similar to A/AAAA records, with the support of resolvers. -- You are receiving this mail because: You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
