Y
Hacker News
new
|
ask
|
show
|
jobs
by
Avamander
253 days ago
> but if we rely on DNSSEC we can just use DANE/TLSA and don't need the mess of CA/PKI
DNSSEC is PKI. We don't want to rely on it because it's significantly worse than WebPKI.
1 comments
jesprenj
243 days ago
I think it is orders of magnitude better.
link