DANE is a method to establish a trusted world wide web where sites can no more be easily spoofed by secret services. The certificate of a website is matched against a hash in the DNNSEC signed TLSA DNS resource record which should assure that the site you are visiting does in deed belong to the domain owner and not another party. Certification authorities are said to issue rogue certificates for secret services thus easily enabling the spoofing of a website.
Get your own site listed:
elws@ |