Créer un compteSe connecter

Recherches récentes

Aucune recherche récente

Options de recherche

Disponible uniquement lorsque vous êtes connecté.
pouet.chapril.org est l'un des nombreux serveurs Mastodon indépendants que vous pouvez utiliser pour participer au fédiverse.
Chapril https://www.chapril.org est un projet de l'April https://www.april.org

Administré par :

Statistiques du serveur :

1,1K
comptes actifs

pouet.chapril.org: À proposAnnuaire des profilsPolitique de confidentialité

Mastodon: À proposTélécharger l’applicationRaccourcis clavierVoir le code sourcev4.3.7

Public
Evan Prodromou

Why isn't the SSL cert for a server a special kind of DNS record?

Erwan 🚄

@evan You can achieve this with the TLSA RR (and then you must use DNSSEC to guarantee - up to a certain kind of certainty - that the genuine DNS answer is returned)

25 janv. 2025, 17:33·Public·Web
0boost·1favori
Public
Evan Prodromou

@R1Rail That's interesting! I will see if I can give it a try.

Public
Erwan 🚄

@evan However, I do not know web browsers looking for it. Postfix does for encrypting mail server to mail server communication, when it is properly configured

Public
Suzanne Aldrich (she/her)

@R1Rail @evan The DANE (DNS-based Authentication of Named Entities) standard
1) Relies on DNSSEC which has been really slow to adopt
2) Requires integration on both client and server side
3) Would also require a radical shift by the entire Internet away from the existing PKI based trust model

It’s never going to happen.

ExplorerFlux en direct
À propos