- From: Ryan Sleevi <ryan-w3-web-security@sleevi.com>
- Date: Mon, 18 May 2015 11:22:03 -0700
- To: noloader@gmail.com
- Cc: "GALINDO Virginie" <virginie.galindo@gemalto.com>, "public-web-security@w3.org" <public-web-security@w3.org>, "Rigo Wenning" <rigo@w3.org>
On Mon, May 18, 2015 10:57 am, Jeffrey Walton wrote: > The treatment of DNS and the section on DNSSEC is very good. It makes > a lot of good points on why browsers are not using information from > DNS for things like CA (CAA Resource Records) and public key pinsets > (SSHFP-like resource records specifying pinsets). Clarification: CAA is not intended to be used by browsers, and this was actively discussed during its standardization. Its intended for use by CAs. I suspect you may have meant DANE (which is for clients).
Received on Monday, 18 May 2015 18:37:41 UTC