Hi, In attempting to catch up for this week's poll, I noticed that some participants were doubting whether certificates associated with domain names are a universal need. They are not, of course, but they appear poised to get quite a bit more necessary. Google has already announced that Chrome is going to start marking sites that don't support TLS (i.e. are http as opposed to https) as "insecure", inverting the "green lock" thing that many people are now used to. Mozilla has previously talked about this, though haven't committed yet. Now, note that many of the certificates in question will be Let's Encrype, ACME-based certs and therefore will probably not depend on RDS. Of course, that's partly because the IETF ACME WG isn't using whois today because it's awful. If there were ways reliably to automate the check, maybe the Let's Encrypt certs would provide marginally higher assurance than they do today, which is just the DV (domain validation) level. I will note that I use LE certificates (for instance, on the mailserver sending this mail) and think they are dandy. Not everyone agrees. Best regards, A -- Andrew Sullivan ajs@anvilwalrusden.com