Reply to post: Re: DANE?

Fuming Google tears Symantec a new one over rogue SSL certs

Anonymous Coward
Anonymous Coward

Re: DANE?

No. Why would it? The SHA512 hash is just **extra** information that would help mitigate this attack. Its delivery by DNS need be no more secure than the IP address delivered by DNS.

Of course if you have DNSSEC as well, then all the better!

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2019