Of course, my point is that clearly DANE is better than nothing and DNSSEC
makes it better. I don't see what leaving out DNSSEC adds holes that don't
already exist worse without DANE.
I was hoping there was something I was missing in my analysis that
explained it.
Brandon
On Jun 17, 2014 4:05 AM, "Tony Finch" <dot(_at_)dotat(_dot_)at> wrote:
Brandon Long <blong(_at_)google(_dot_)com> wrote:
Right, I wasn't sure exactly why DANE requires DNSSEC.
The aim is to improve security. There's no point adding complexity if it
doesn't achieve anything.
Tony.
--
f.anthony.n.finch <dot(_at_)dotat(_dot_)at> http://dotat.at/
Biscay: Northeast 5 or 6. Slight or moderate. Fair. Good.
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp