Assumption about TLSA records

John Allen john at klam.ca
Thu Apr 20 15:36:34 CEST 2017


Is the following assumption reasonable?

if there are multiple TLSA dane-ee (type 3) records for a particular
service, none of which match the current generated record, they can
(maybe should) be deleted.

The same "rule" can be could be applied to dane type 2 records.



More information about the dane-users mailing list