|
|
|
|
|
|
by presumably
2270 days ago
|
|
|
That article is incredibly misleading in what it leaves out: by using same logic, our existing CA system is equally a “backdoor”. We have certificate transparency to help address that, and were DANE to be in actual use similar systems would quickly appear, for example using the RIPE Atlas. DANE is not a backdoor. To exercise it as one would require replacing operator-controlled keys with government (or other) keys. This would be no less visible than doing the same with an existing certificate authority. |
|
|