[Cryptography] New free TLS CA coming
rsalz at akamai.com
Wed Nov 19 13:55:22 EST 2014
> A non ad-hoc demonstration of both domain and site control is I think a
> DNSSEC validated DANE TLSA RR attesting to the validity of the public key:
> _443._tcp.www.example.com. IN TLSA 3 1 1 <sha256 pkey digest>
I totally agree.
But if you have the ability to do this or the ability to make it happen, then you are probably (well) beyond the target market of ISRG.
More information about the cryptography