ietf-smtp
[Top] [All Lists]

Re: [ietf-smtp] DANE without DNSSEC (was: certificate pinning)

2014-06-16 12:30:45
On Mon, Jun 16, 2014, Tony Finch wrote:

Can't do DANE without DNSSEC. Yes there's a chicken-and-egg problem, so

Well, not according to the RFC.
However, it seems it should be possible to use the DNS records
(without DNSSEC) as additional check if so desired. Whether that
offers any value is of course a different question.

_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp