Reply to post:

CloudFlare drinks the DNSSEC kool-aid, offers it on universal basis

John Robson Silver badge

DNSSEC does provide a decent chain of trust though - you can see who you are trusting in the URL, no need to check that the cert isn't issued by a dodgy elbonian authority.

It could also allow a sideband transfer of HTTPS certs, allowing those certificate chains to be combined into one, easily visible chain of trust.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022