EC recognises DANE as standard for tendering

Ensure technical interoperability across government bodies throughout the EU

DANE has been recognised by the European Commission as an official standard for use in tendering, both in e-mail and on the web. To secure recognition, a standard has to be open, transparent, impartial and developed on the basis of consensus — the idea being to ensure technical interoperability across government bodies throughout the EU.

DANE for the web supplements (and is seen as the long-term successor to) the certificate system currently used by browsers ('key' icon). The flaws in that system and the need for an alternative have been highlighted by the DigiNotar debacle and other events.

Mail gateways don't use a certificate system. So, in e-mail, DANE is used to attach the STARTTLS server certificate and secure the STARTTLS option.

In both cases, DANE works through a DNSSEC-secured TLSA record containing a hash code for a particular certificate.

Mail server security standard SPF is covered by the EC decision as well. DNSSEC is strongly recommended for SPF, but not mandatory.



  • Tuesday 5 February 2019

    About SIDN

    Netherlands falls further behind on IPv6


    Countries everywhere are overtaking the Dutch

    Read more
  • Wednesday 25 April 2018


    Two new DNSSEC-validating DNS services launched


    In recent weeks, two new DNS services for the general public have been launched, and both support DNSSEC validation.

    Read more
  • Monday 15 April 2019

    SIDN Labs

    Dissecting DNS Defences during DDoS


    Recommendations for both operators and developers

    Read more


Your browser is too old to optimally experience this website. Upgrade your browser to improve your experience.