Certificate validation

Comments

1 comment

  • Avatar
    Frank Denis

    Certificates are signed. The provider public key is used to verify them.

    Some providers use HTTPS to serve the pages listing the public key to use. Others serve DNSSEC-signed records to verify them. Others don't, but the dnscrypt source code is signed (PGP + DNSSEC) and also contains a list of pk.

     

Please sign in to leave a comment.