Olafur Gudmundsson <[email protected]> wrote:
>
> There are two parts to TLSA reuse.
>
> 1) the RDATA format
> 2) The registries created for TLSA RR fields.
>    a) TLSA Certificate Usages
>    b) TLSA Selectors
>    c) TLSA Matching Types

There are a few other semantics-related questions:

* Would sharing an RRtype lead to the DNS returning too much irrelevant
  data in response to queries? In this case not, because we are using
  prefixed labels to disambiguate.

* Would sharing an RRtype lead to useful code sharing between S/MIME and
  TLS implementations?

> Reuse of TLSA RR by a protocol means subscribing to supporting new
> entries in the above registries and even allowing new entries in there
> that only make sense in one context.

TLS is about authenticating peers. S/MIME is about encryption as well as
verifying signatures. So I would expect TLS records to be more about
digests of certificates (for brevity) whereas S/MIME records to contain
public keys or entire certs.

Tony.
-- 
f.anthony.n.finch <[email protected]> http://dotat.at/
Forties, Cromarty: East, veering southeast, 4 or 5, occasionally 6 at first.
Rough, becoming slight or moderate. Showers, rain at first. Moderate or good,
occasionally poor at first.
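
Added example, not part of the original message or of any DANE implementation: a minimal Python parser for the TLSA RDATA layout of RFC 6698 (three one-octet fields followed by the certificate association data), checked against the three registries listed in the quoted text. The certificate bytes and host name are constructed, and treating an unassigned registry value as an error is an assumption about how a consumer sharing the registries might behave.

```python
import hashlib

# Values assigned by RFC 6698, with the acronyms from RFC 7218.
USAGES = {0: "PKIX-TA", 1: "PKIX-EE", 2: "DANE-TA", 3: "DANE-EE"}
SELECTORS = {0: "Cert", 1: "SPKI"}
# Matching type -> (name, hash constructor or None for the full blob, digest length)
MATCHING = {0: ("Full", None, None),
            1: ("SHA2-256", hashlib.sha256, 32),
            2: ("SHA2-512", hashlib.sha512, 64)}

def tlsa_owner_name(port: int, proto: str, host: str) -> str:
    """Prefixed owner name used by TLSA, e.g. _443._tcp.www.example.com."""
    return f"_{port}._{proto}.{host}"

def build_tlsa_rdata(usage: int, selector: int, mtype: int, blob: bytes) -> bytes:
    """Encode RDATA; blob is the selected certificate or SPKI bytes."""
    hasher = MATCHING[mtype][1]
    data = blob if hasher is None else hasher(blob).digest()
    return bytes([usage, selector, mtype]) + data

def parse_tlsa_rdata(rdata: bytes) -> dict:
    """Decode RDATA and reject values this consumer cannot interpret."""
    if len(rdata) < 4:
        raise ValueError("need 3 header octets plus association data")
    usage, selector, mtype = rdata[0], rdata[1], rdata[2]
    data = rdata[3:]
    for field, value, registry in (("usage", usage, USAGES),
                                   ("selector", selector, SELECTORS),
                                   ("matching type", mtype, MATCHING)):
        if value not in registry:
            # A registry entry added for another protocol would land here.
            raise ValueError(f"unassigned {field} value {value}")
    name, _, digest_len = MATCHING[mtype]
    if digest_len is not None and len(data) != digest_len:
        raise ValueError(f"{name} data must be {digest_len} octets, got {len(data)}")
    return {"usage": USAGES[usage], "selector": SELECTORS[selector],
            "matching": name, "data": data}

# Constructed stand-in for a DER certificate (1024 octets, not a real cert).
SAMPLE_CERT = bytes(range(256)) * 4

if __name__ == "__main__":
    print(tlsa_owner_name(443, "tcp", "www.example.com"))
    for mtype in (0, 1, 2):
        rdata = build_tlsa_rdata(3, 0, mtype, SAMPLE_CERT)
        print(parse_tlsa_rdata(rdata)["matching"], len(rdata), "octets of RDATA")
```

The size difference between the digest forms and the full form is the brevity point made in the reply above.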
