Slightly OT: These slides > https://ripe68.ripe.net/presentations/253-DANEs_don%27t_lie-20140512.pdf
state on page 26: "DANE TLSA Benefits: prevents STARTTLS "downgrade" attacks" I'm probably missing something. How does publication of a TLSA record prevent STARTTLS downgrade attacks? Thanks, Olaf
