Technical Summary
Encrypted communication on the Internet often uses Transport Level
Security (TLS), which depends on third parties to certify the keys
used. This document improves on that situation by enabling the
administrator of a domain name to publish the keys used in the
DNS, secured with DNSSEC.
Working Group Summary
The working group made extensive use of the issue tracker:
listing, opening, discussing and then calling consensus on
each issue. This gave everyone the opportunity to participate
and be heard. There have been approximately 2,000 messages
discussing this (and closely related) documents.
Document Quality
There is a tool (Swede - https://github.com/pieterlexis/swede)
that generates TLSA records, and a proof-of-concept implementation
of DANE for NSS (https://mattmccutchen.net/cryptid/#nss-dane).
A number of vendors have mentioned that they are planning on
implementing the specification.
I do not think that it would be fair (or possible) to single
out any specific reviewers -- we have had a large number of very
active reviewers / participants and they have all been very diligent
(and sometimes vocal :-)) in providing feedback.
Personnel
Warren Kumari is acting as the Document Shepherd.
Stephen Farrell is the Responsible Area Director.