On Thu, Feb 05, 2015 at 09:38:38AM +0100, lst_hoe02@kwsoft.de wrote:
Is there a list of some sort with the already known TLSA secured domains?
I don't feel at liberty to publish the domain list.
Would be nice to see the pace of acceptance for different TLDs and so on.
However, the top TLDs out of the 1059 domains I've curated are:
327 de 159 net 124 com 99 org 44 eu 31 ch 30 nl 20 dk 20 cz 17 uk 13 me 13 at 12 fr 11 info 11 fi 10 io 10 email 9 se 9 be 7 us -------- 976 TOTAL
The remaining 83 domains are scattered across 47 TLDs. If we look instead at domains that are DNSSEC signed and at least one of their "best" MX hosts also lies in a secure zone, but that may not have published DANE TLSA records, the top 20 breakdown becomes:
11083 nl 6402 cz 2966 com 2131 br 1286 net 996 se 961 fr 882 eu 629 de 626 org 358 gov 326 be 174 no 159 pl 146 pt 138 edu 114 ch 112 dk 105 uk 104 ovh ----------- 29698 TOTAL
The remaining ~1000 domains are scattered across 92 TLDs.
Note, that many of the .net/.com/.org/.eu DANE for SMTP domains are actually registered by German domain owners. DANE for SMTP is still very much a .DE phenomenon. It would be good to see more progress elsewhere.
This may take some "evangelists" outside Germany who can write blogs, tutorials, inform the technology press, ... Perhaps once the SMTP DANE draft becomes an RFC (~2-4 months I think), the time will be ripe to start a broader "marketing effort".