EC recognises DANE as standard for tendering

DANE has been recognised by the European Commission as an official standard for use in tendering, both in e-mail and on the web. To secure recognition, a standard has to be open, transparent, impartial and developed on the basis of consensus — the idea being to ensure technical interoperability across government bodies throughout the EU.

DANE for the web supplements (and is seen as the long-term successor to) the certificate system currently used by browsers ('key' icon). The flaws in that system and the need for an alternative have been highlighted by the DigiNotar debacle and other events.

Mail gateways don't use a certificate system. So, in e-mail, DANE is used to attach the STARTTLS server certificate and secure the STARTTLS option.

In both cases, DANE works through a DNSSEC-secured TLSA record containing a hash code for a particular certificate.

Mail server security standard SPF is covered by the EC decision as well. DNSSEC is strongly recommended for SPF, but not mandatory.

EC-DANEstandardEURlex-600x531

Comments

  • Friday 22 September 2017

    Internet security

    Veiliginternetten.nl privacy awareness campaign

    Thumb-Campagne-Je-deelt-meer-dan-je-weet

    You're sharing more than you know, so think about your on-line privacy

    Read more
  • Monday 27 May 2019

    Internet security

    Bits of Freedom makes privacy law work in practice

    Thumb-shredded-paper

    My Data Done Right: a new tool for generating personal data requests

    Read more
  • Thursday 18 April 2019

    DNSSEC

    Just four weeks until the root KSK rollover: time to check your DNSSEC trust anchors!

    Thumb-secure

    Check your DNSSEC trust anchors!

    Read more

Sorry

Your browser is too old to optimally experience this website. Upgrade your browser to improve your experience.