It would be great, if nextcloud secure the connection with an DANE/TLSA-check.
It would be great, if nextcloud secured the connection with an DANE-check.
In my opinion DANE is one of the best security enhancement in the WWW the last years.
Do you mean DANE/TLSA for the Homepage of Nextcloud at https://nextcloud.com/ ?
As for your own Nextcloud instance installed on your server implementing DANE/TLSA is fully up to you.
The Nextcloud developers can not do much but you have to implement this by yourself using a SSL certificate for your domain and make the necessary changes to your webserver configuration, DNS-Server and the Domain-Registrar.
Here is a good reading on how you can do it: https://blog.webernetz.net/2016/10/25/how-to-use-danetlsa/
I mean a DANE-checkup from nextcloud client against the certificate hash in the DNS.
This means that a Man-in-the-Middle is nearly impossible.
Thats the propose of DANE/TLSA-Records.