Re: "DANE and DNSSEC adoption is still low, but I agree it would…"

In: u/chluehr

I keep meaning to gemlog about this, but I made a proof of concept client implementation for DANE in rust. https://github.com/jamestomasino/gemini-rust-tlsa

🎲 tomasino

2025-03-21 · 1 year ago

1 Later Comment

🚬 sy · 2025-03-21 at 08:10:

@tomasino Querying TLSA records just during the TLS handshake makes the process more performant. That way TLS connection itself can be sped up significantly.

Also, do you have any comments on this?

— Trust algorithm suggestion for augmenting TOFU with DANE

🐧 chluehr

DANE and DNSSEC adoption is still low, but I agree it would "solve" the TOFU Gemini Issue / CC @skyjake [gemini link] DANE and TLS

💬 6 comments · 2 likes · 2025-03-11 · 1 year ago