On 2011-02-01 07:57 PDT, Zack Weinberg wrote:
> I've been following the mailing list for the IETF's "keyassure"
> working group, which plans to standardize a mechanism for putting
> application-layer server keys (or their hashes) in DNS, certified by
> DNSSEC. TLS/SSL is the first target, and of
On 2011-02-05 1:13 PM, Nelson B Bolyard wrote:
Zack, thanks for bringing this to this list/group. I think many of us
were caught by surprise by it, because it is a browser policy proposal
rather than a technical discussion of the protocols.
Personally, I was a little surprised to be asked to d
On 2011-02-05 13:28 PDT, Zack Weinberg wrote:
> On 2011-02-05 1:13 PM, Nelson B Bolyard wrote:
>> Zack, thanks for bringing this to this list/group. I think many of
>> us were caught by surprise by it, because it is a browser policy
>> proposal rather than a technical discussion of the protocols.
On 02/06/2011 12:02 AM, From Nelson B Bolyard:
I think CAs still get most of their revenues from DV
I'm not sure if that's correct (revenues != market share)...
and so perceive DANE as a direct threat.
and I believe that DV certs issued by CAs provides what the proposed
keys in DNS can
On 2011-02-05 2:02 PM, Nelson B Bolyard wrote:
On 2011-02-05 13:28 PDT, Zack Weinberg wrote:
>> ...
There is a list/newsgroup focused specifically on the browser policy
governing the admittance of CAs to mozilla's root CA list. That probably
seems like the more obvious place, but it's where al
On 02/05/2011 03:28 PM, Zack Weinberg wrote:
"bogus" in this case is a term-of-art defined by RFC 4033.
You have made my day. :-)
I am so tweeting that.
- Marsh
https://twitter.com/marshray/status/34121219292790784
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lis
6 matches
Mail list logo