> On Jul 8, 2020, at 12:59 PM, Viktor Dukhovni <openssl-us...@dukhovni.org>
> wrote:
>
> On Wed, Jul 08, 2020 at 12:48:38PM -0400, Felipe Gasper wrote:
>
>> Does OpenSSL support authentication via raw public keys? (RFC 7250) I
>> can’t find anything to this effect on openssl.org.
>
> These are not presently supported. However, you can use DANE-EE(3) TLSA
> records to authenticate essentially empty leaf certificates:

That would also require changes to DNS, right?

What I’m looking for is a way to authenticate a user over TLS in essentially
the same manner that SSH’s handshake uses, where a signature of a shared secret
validates the public key, which is on a preconfigured allowlist. I could do it
post-handshake by using RFC 5705 key material exports as the shared
secret--this usage seems to exemplify the intent of that extension--but TLS raw
public keys seem a bit closer to “prior art”.

Anyhow, thank you!

-FG