DNS-based Authentication of Named Entities
DNS-based Authentication of Named Entities (DANE) is an Internet security protocol to allow X.509 digital certificates, commonly used for Transport Layer Security (TLS), to be bound to domain names using Domain Name System Security Extensions (DNSSEC). It is proposed in RFC 6698 as a way to authenticate TLS client and server entities without a certificate authority (CA).
Source: Wikipedia — DNS-based Authentication of Named Entities (CC BY-SA 4.0)