- cross-posted to:
- technology@lemmy.world
- security@lemmy.ml
- cross-posted to:
- technology@lemmy.world
- security@lemmy.ml
You must log in or # to comment.
much prefer a solution that incorporates DNS TLSA resource records, rather than browser root certificate stores. That’s DANE, mm-ok? ;)
But regretfully, Peter Eckersley ex Chief Scientist at EFF seemed too invested in browsers being the ultimate hard-wired authority of trust on behalf of browser users when it came to root certificate stores. Not even considering initiatives such as CA-Cert.