- From: Jeffrey Walton <noloader@gmail.com>
- Date: Mon, 18 May 2015 14:23:51 -0400
- To: ryan-w3-web-security@sleevi.com
- Cc: GALINDO Virginie <virginie.galindo@gemalto.com>, "public-web-security@w3.org" <public-web-security@w3.org>, Rigo Wenning <rigo@w3.org>
On Mon, May 18, 2015 at 2:22 PM, Ryan Sleevi <ryan-w3-web-security@sleevi.com> wrote: > On Mon, May 18, 2015 10:57 am, Jeffrey Walton wrote: >> The treatment of DNS and the section on DNSSEC is very good. It makes >> a lot of good points on why browsers are not using information from >> DNS for things like CA (CAA Resource Records) and public key pinsets >> (SSHFP-like resource records specifying pinsets). > > Clarification: CAA is not intended to be used by browsers, and this was > actively discussed during its standardization. Its intended for use by > CAs. > > I suspect you may have meant DANE (which is for clients). Actually, NO. Its security specific context information. I'm happy to use any security specific context information I can get my hands on. Jeff
Received on Monday, 18 May 2015 18:24:19 UTC