[one-users] Sunstone noVNC with WSS support

Valentin Bud valentin.bud at gmail.com
Tue Mar 11 09:21:20 PDT 2014


Hi Stefan,

On Tue, Mar 11, 2014 at 6:07 PM, Stefan Kooman <stefan at bit.nl> wrote:

> Quoting Valentin Bud (valentin.bud at gmail.com):
> >
> > I totally agree with you about the user experience and for it is worth
> > investing
> > a few dollars. I guess I am just frustrated that TLS fails to provide
> peer
> > to peer
> > trust.
>
> So I guess it's time (for you) to deploy DANE [1,2]. You do need to have
> DNSSEC enabled for your domain ... and still have to trust the (root)
> dns servers  ... but that's already a big improvement if you ask me.
> Especially if you operate your own dnsservers and have control over the
> signing process.
>

You are absolutely right. We operate the DNS infrastructure and plan to
implement DNSSEC this year. We have a mix of public and private zones
and we are still researching the most simple way to get DNSSEC implemented.

Do you have any tips / recommandations for the above scenario?

Once I have DNSSEC up and running I will surely implement DANE :).


> [1]: https://tools.ietf.org/html/rfc6698
> [2]:
> http://www.internetsociety.org/deploy360/blog/2013/12/want-to-quickly-create-a-tlsa-record-for-dane-dnssec/
>
>
>
> --
> | BIT BV  http://www.bit.nl/        Kamer van Koophandel 09090351
> | GPG: 0xD14839C6                   +31 318 648 688 / info at bit.nl


-- 
Valentin Bud
http://databus.pro | valentin at databus.pro
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20140311/2337a243/attachment-0002.htm>


More information about the Users mailing list