Hacker News new | ask | show | jobs
by hueving 3875 days ago
And how exactly do you think rotating a TLD key will help if it's obvious that TLD will just give the new key to the NSA anyway?
1 comments
throwaway2048 3875 days ago
the same way it can help in the case of the CA, parties like Google will set strict standards + see them compiled with or DANE etc will be ignored from the suspect TLDs.
link
tptacek 3875 days ago
What does it mean to "set strict standards" on .COM? Google can eliminate whole CAs, or scope them down to only a subset of names. It can't do that with .COM.
link
throwaway2048 3875 days ago
it can however refuse to allow DANE to be used on .COM/other TLDs + apply immense political pressure.
link
tptacek 3875 days ago
If you're not going to allow DANE on .COM, what's the point?
link