Revision as of 01:36, 26 July 2025 edit 41.198.159.95 (talk) Uninstall Tags: Reverted Visual edit Mobile edit Mobile web edit ← Previous edit		Revision as of 19:28, 29 July 2025 edit undo JmpRax (talk \| contribs) 2 edits m →DANE Working Group Next edit →
Line 200: The new protocols will enable additional assurances and constraints for the traditional model based on [[public key infrastructure]]. They will also enable ___domain holders to assert certificates for themselves, without reference to third-party [[certificate authority\|certificate authorities]]. Support for DNSSEC stapled certificates was enabled in [[Google Chrome]] 14,<ref>{{cite web\|url=http://www.imperialviolet.org/2011/06/16/dnssecchrome.html\|title=ImperialViolet\|access-date=2011-11-26}}</ref> but was later removed.<ref>{{cite web\|url=https://git.chromium.org/gitweb/?p=chromium/chromium.git;a=commit;h=6a7172345e72d755d99c095eb3d4768f0f585344\|title=chromium git\|access-date=2013-03-09}}</ref> For [[Mozilla Firefox]], support was provided by an add-on<ref>{{cite web\|url=https://www.dnssec-validator.cz/\|title=DNSSEC/TLSA Validator}}</ref> ~~while~~up ~~native~~to ~~support~~Firefox is56, ~~currently~~while ~~awaiting~~native ~~someone~~support towas ~~start~~proposed ~~working~~but onultimately itrejected.<ref>[https://bugzilla.mozilla.org/show_bug.cgi?id=672600 Bugzilla@Mozilla: Bug 672600 - Use DNSSEC/DANE chain stapled into TLS handshake in certificate chain validation]</ref> ==History==

Domain Name System Security Extensions: Difference between revisions