alt Hacker NewsThat's one way to put it. Another way to put it is that the CA system keeps cryptographic trust managed by organizations that can easily be destroyed if they fail, while DANE's trust is practically irrevocable.
That's one way to put it. Another way to put it is that the CA system keeps cryptographic trust managed by organizations that can easily be destroyed if they fail, while DANE's trust is practically irrevocable.