Deployment news ( publishes TLSA RRs)

Patrick Domack patrickdk at
Sat Nov 21 03:12:49 CET 2015

I have been attempting to push more people to use dane, but it is hard.

More and more server admins keep asking to not send email to their  
domains without tls verification or certificate pinning, but none of  
them have heard of dane. Most don't even have dnssec even.

Quoting Viktor Dukhovni <ietf-dane at>:

> On Tue, Nov 03, 2015 at 08:10:19PM +0000, Viktor Dukhovni wrote:
>>   #Domains Provider
>>   -------- ----------
>> 	33		(resolution in progress)
>> 	28		(issue acknowledged)
>> 	15		(notified)
>> 	 5		(notified)
> DNS at is now resolved.  With ongoing scans in the
> mean-time, the number of affected domains I managed to find was
> briefly more than eighty, but now it is zero.
> The solution was actually a software update at (also
> known as so this also addresses the same issue for
> all other customers (only one such domain in my scans,
> but my surveys are far from comprehensive).  Progress continues.
> --
> 	Viktor.

More information about the dane-users mailing list