[getdns-users] Does stubby honor TLSA records when verifying tls_auth_name?
Christoph
cm at appliedprivacy.net
Thu Apr 18 17:40:00 UTC 2019
> We didn't publish SPKI pins because we rotate keys - which makes
> SPKI less practical.
After noticing that the pin can also be at the CA level we
will provide SPKI pins. The DANE/TLSA question for Stubby
would still be interesting since that would allow us to
manage the "pins" without changing the configuration.
thanks,
Christoph
More information about the Users
mailing list