Send in your ideas. Deadline October 1, 2024
Theme fund: NGI0 Entrust
Start: 2023-02
More projects like this
Software engineering


Implement DANCE specification in GnuTLS and MbedTLS

DANE (which stands for "DNS-Based Authentication of Named Entities") is a set of mechanisms and techniques standardised within the IETF that allow Internet applications to establish cryptographically secured communications by using information made available through the domain name system. By binding key information to a domain name and protecting that binding with DNSSEC, applications can easily discover authenticated keys for services.

The original DANE specification was built around server authentication. Recently a new initiative called DANCE ( emerged, extending DANE to include client authentication. The DANCE4All project's goal is to implement the DANCE specification in two major TLS libraries (GnuTLS and MbedTLS) such that client DANE will become widely available.

  • The project's own website:

Run by ARPA2

Logo NLnet: abstract logo of four people seen from above Logo NGI Zero: letterlogo shaped like a tag

This project was funded through the NGI0 Entrust Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 101069594.