@taoeffect CT should at least make the shady CAs more obvious
-
-
.
@bascule CT *might* catch *some* shady CAs. That doesn’t make it a good thing, as explained here: http://www.ietf.org/mail-archive/web/trans/current/msg00233.html … -
@taoeffect yeah, been following that thread. DANE would be a great approach if DNSSEC weren’t terrible -
@bascule Somewhat similar to DANE is JWS: https://tools.ietf.org/html/draft-ietf-jose-json-web-signature-17 …@DNSChain supports DANE, and will support JWS or something similar. -
@taoeffect@DNSChain been flollowing JWS too but it feels like some round hole square peg stuff IMO -
@bascule@DNSChain Reason for JWS-type thing is to make@okTurtles possible. -
@taoeffect I’m working on an alternative to JWS -
@bascule Oh? I’d love to see it. :) - 2 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
