- From: Adrien de Croy <adrien@qbik.com>
- Date: Wed, 20 Nov 2013 00:38:21 +0000
- To: "Amos Jeffries" <squid3@treenet.co.nz>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
also, would DANE spell the end of any URI where the authority is given as an IP address rather than a domain name? that's a lot of links to break. ------ Original Message ------ From: "Amos Jeffries" <squid3@treenet.co.nz> To: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org> Sent: 20/11/2013 12:19:46 p.m. Subject: Re: A proposal >On 2013-11-20 11:15, Adrien de Croy wrote: >>even if a cert is $0 it is not zero cost. >> >>Time and effort are not free. >> >>All these options involve an ongoing management/maintenance cost as >>well >> >>And are we really proposing the internet should be built on certs from >>free cert providers? How will they stay in business or the certs >>remain free once the demand for free certs is multiplied by several >>orders of magnitude? > >DANE. > >* generate your own CA certificate. >* have your DNS provider sign it as part of your DNSSEC signed zone >records >* profit > > >Payment (of lack of it) will be part of your contractual agreement with >DNS provider and avoids the CA authority mess currently blighting trust >in TLS. > > >Amos > >
Received on Wednesday, 20 November 2013 00:38:07 UTC