You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@clerezza.apache.org by "Tommaso Teofili (Updated) (JIRA)" <ji...@apache.org> on 2011/11/08 15:23:55 UTC
[jira] [Updated] (CLEREZZA-438) DANE support in Clerezza
[ https://issues.apache.org/jira/browse/CLEREZZA-438?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tommaso Teofili updated CLEREZZA-438:
-------------------------------------
Fix Version/s: 0.2-incubating
> DANE support in Clerezza
> -------------------------
>
> Key: CLEREZZA-438
> URL: https://issues.apache.org/jira/browse/CLEREZZA-438
> Project: Clerezza
> Issue Type: New Feature
> Reporter: Henry Story
> Priority: Minor
> Labels: security, webid
> Fix For: 0.2-incubating
>
>
> DANE (DNS-based Authentication of Named Entities) is an IETF group that is working on specifying how to add public keys to DNSSEC as described in their charter
> http://tools.ietf.org/wg/dane/charters
> Their latest draft spec is here http://tools.ietf.org/wg/dane/
> DANE support should enable browsers to minimally authenticate servers that use self signed certs. There are 3 times more such servers CA based ones. Putting a self signed cert in the DNS should be a lot simpler a procedure than going through CAs. There is a firefox plugin already to test this in a browser: ie the browser should not longer show the DANGER error messages when coming across such sites.
> This is an interesting research topic with the following requirements:
> - It would require DNSSEC libraries in Java.
> - It be useful if apache.org was had a DNSSEC presence (it may have, I don't know how to check)
>
> Two use cases:
> - make clerezza TLS requests Dane aware
> - make it easy on booting Clerezza to add public key to DNS
>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira