Reply to post: Re: DNSSEC

FAKE Google web SSL certificates tip-toe out from Indian authorities



DNSSEC + DANE does seem the best route, but DNSSEC rollout is basically nonexistant (none of the major banks even use it), and DANE isn't supported by any browser - it was added to Chrome then pulled.. they cynic in me says verisign is pushing out a lot of brown envelopes to keep it that way.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022