
toast0, last Tuesday at 9:27 PM (2 replies)

I'm not really in favor of DANE, because DNSSEC is such a mess ... but.

Certificate transparency is nice. Browsers could require it for DANE certificates, just like they require it for current Web PKI certificates.

The people controlling the TLD of interest can exert control over the domain of interest in order to issue a DANE certificate. But they can also exert control over the domain of interest in order to request a domain control certificate, so widespread use of DANE wouldn't add any new adversaries. If DNSSEC wasn't a mess, and DANE replaced WebPKI, we would eliminate the risk from CAs without adding a new risk --- TLDs (and the DNS root) are existing risks.


Replies

Parodper, yesterday at 7:11 AM

And if they don't, DNS is already a database. You could just query domains to check their certificates. People running recursive DNS servers could double-check certificates.

trumpdong, yesterday at 1:00 AM

CT seems useless for DANE because the cert is self signed, so anyone can just flood the CT with self signed certs for your website. It's useful with WebPKI because only certs signed by a CA go in CT and it's a big deal if one is mis-issued. Anyone can mis-issue a self-signed cert at home for fun.

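The thread talks about "DANE certificates" and about checking a site's certificate against DNS. The concrete mechanism is the TLSA record (RFC 6698): a DNSSEC-signed record that pins either the full certificate or its public key, usually by SHA-256 hash. The snippet below is an added example, not code from any of the commenters: it builds a DANE-EE (usage 3) TLSA record for a certificate, parses the record's DNS presentation format, and checks a presented certificate against a set of records. The "certificates" and SPKI blobs are constructed byte strings, and the SPKI is passed in separately rather than parsed out of DER, which a real client would have to do. The point it makes concrete is the one under discussion: a second self-signed certificate issued for the same name by someone else does not match the record, because the record pins a specific key, not a name.

```python
"""Match a presented TLS certificate against DANE TLSA records (RFC 6698).

Added example, not from the Hacker News thread above. All byte strings are
constructed test data, not real certificates or DNS answers.
"""
import hashlib
import hmac
from dataclasses import dataclass

# TLSA field values from RFC 6698 section 2.1
USAGE_DANE_EE = 3        # record pins the end-entity certificate itself
SELECTOR_FULL_CERT = 0   # compare against the whole DER certificate
SELECTOR_SPKI = 1        # compare against the SubjectPublicKeyInfo only
MATCH_EXACT = 0
MATCH_SHA256 = 1
MATCH_SHA512 = 2


@dataclass(frozen=True)
class TLSARecord:
    usage: int
    selector: int
    matching_type: int
    data: bytes  # the "certificate association data" field


@dataclass(frozen=True)
class PresentedCert:
    der: bytes   # full certificate as sent in the TLS handshake (constructed)
    spki: bytes  # its SubjectPublicKeyInfo (constructed; a real check parses it from `der`)


def association_data(cert: PresentedCert, selector: int, matching_type: int) -> bytes:
    """Compute the bytes a TLSA record must carry to pin `cert`."""
    if selector == SELECTOR_FULL_CERT:
        selected = cert.der
    elif selector == SELECTOR_SPKI:
        selected = cert.spki
    else:
        raise ValueError(f"unknown selector {selector}")
    if matching_type == MATCH_EXACT:
        return selected
    if matching_type == MATCH_SHA256:
        return hashlib.sha256(selected).digest()
    if matching_type == MATCH_SHA512:
        return hashlib.sha512(selected).digest()
    raise ValueError(f"unknown matching type {matching_type}")


def make_tlsa(cert: PresentedCert, selector: int = SELECTOR_SPKI,
              matching_type: int = MATCH_SHA256) -> TLSARecord:
    """Build the DANE-EE record an operator would publish for `cert`."""
    return TLSARecord(USAGE_DANE_EE, selector, matching_type,
                      association_data(cert, selector, matching_type))


def presentation_format(r: TLSARecord) -> str:
    """Zone-file form, e.g. '3 1 1 <hex digest>'."""
    return f"{r.usage} {r.selector} {r.matching_type} {r.data.hex()}"


def parse_tlsa(text: str) -> TLSARecord:
    """Parse the zone-file form back into a record (hex data may contain spaces)."""
    fields = text.split()
    if len(fields) < 4:
        raise ValueError("TLSA record needs usage, selector, matching type and data")
    usage, selector, matching_type = (int(f) for f in fields[:3])
    return TLSARecord(usage, selector, matching_type, bytes.fromhex("".join(fields[3:])))


def tlsa_matches(records, cert: PresentedCert) -> bool:
    """True if any DANE-EE record in a DNSSEC-validated answer pins `cert`.

    Usages 0-2 constrain the CA chain and need full PKIX validation, so they
    are skipped here; unknown selectors or matching types are unusable and
    therefore skipped too (RFC 6698 section 4.1).
    """
    for r in records:
        if r.usage != USAGE_DANE_EE:
            continue
        try:
            expected = association_data(cert, r.selector, r.matching_type)
        except ValueError:
            continue
        if hmac.compare_digest(expected, r.data):
            return True
    return False


# Constructed sample data: the site's own cert, and a self-signed cert someone
# else minted for the same name (the "mis-issue at home" case in the thread).
LEGIT_CERT = PresentedCert(der=b"constructed-der-example.test-key-A",
                           spki=b"constructed-spki-key-A")
IMPOSTOR_CERT = PresentedCert(der=b"constructed-der-example.test-key-B",
                              spki=b"constructed-spki-key-B")
SAMPLE_RECORD = make_tlsa(LEGIT_CERT)  # what example.test would publish

if __name__ == "__main__":
    print("_443._tcp.example.test. IN TLSA", presentation_format(SAMPLE_RECORD))
    print("legit cert matches:   ", tlsa_matches([SAMPLE_RECORD], LEGIT_CERT))
    print("impostor cert matches:", tlsa_matches([SAMPLE_RECORD], IMPOSTOR_CERT))
```

Two design points worth noting. The match is done on the association data, not on any name inside the certificate, which is why the impostor's self-signed certificate fails even though it claims the same hostname. And the check is only as good as the DNS answer it was given: `tlsa_matches` assumes the caller obtained the records through a DNSSEC-validating resolver and checked the AD bit or validated the chain itself; without that, the record is just unauthenticated data.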