Anders Rundgren wrote: > I haven't followed this lengthy discussion in detail but I have for a long > time wondered how DNSSEC and SSL-CA-Certs should coexist. > > Which one will be the "most" authoritative? > > Could DNSSEC (if it finally succeeds) be the end of SSL-CA-certs?
DNSSEC only attempts to ensure that you get the (a) correct IP address. It does absolutely nothing to ensure that you actually are connected to the site you wanted. It doesn't obviate SSL or PKI at all. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
