On Mon, 2 Jun 2014, Viktor Dukhovni wrote:

On Sun, Jun 01, 2014 at 10:04:13PM -0400, Tom Gindin wrote:

On a technical, or at least quasi-technical point, doesn't usage 3 say
that it must match the "end-entity certificate given by the server in
TLS"?

Usage DANE-EE(3) with selector SPKI(1) matches the subject public
key info of the peer.  While as specified in 6698 this SPKI is
expected to be adorned in X.509 finery, it is a natural extension
to allow the same association to apply to bare public keys.

Not only the natural extension, it was added specifically to accommodate
bare public keys in the future.

There is simply no need for a new certificate usage here (one for
which selector 0 would make no sense).  Indeed it would force
server operators to needlessly publish the SPKI digest twice:

        example. IN TLSA 3 1 1 {blob}
        example. IN TLSA 4 1 1 {blob}

for no good reason.

I agree. One TLSA that covers the SPKI should work for TLS servers that
give out a bare public key or an EE cert.

I'm okay with WH's suggestion of putting this in the soon to be dane ops
document, or with an ERRATA to 6698 or with a new one page RFC.

Paul
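An added illustration of the point made above (example code, not from anyone in this thread): one "3 1 1" record is the SHA-256 of the SubjectPublicKeyInfo, so the same rdata verifies a peer that presents a bare SPKI and a peer that presents an X.509 certificate wrapping that SPKI. The key bytes and the certificate skeleton below are constructed placeholders, not a real key or a valid certificate; the DER walker only follows the RFC 5280 field order to reach the SPKI.

```python
import hashlib

def der_tlv(buf, pos=0):
    """Read one DER TLV starting at pos; return (tag, value, end_of_tlv)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def der_seq(*children):
    """Wrap children in a DER SEQUENCE (short-form length is enough here)."""
    body = b"".join(children)
    assert len(body) < 128
    return bytes([0x30, len(body)]) + body

def tlsa_3_1_1(spki_der):
    """Rdata for usage DANE-EE(3), selector SPKI(1), matching SHA-256(1)."""
    return "3 1 1 " + hashlib.sha256(spki_der).hexdigest()

def spki_from_certificate(cert_der):
    """Certificate -> tbsCertificate -> subjectPublicKeyInfo, returned as the whole TLV."""
    _, cert, _ = der_tlv(cert_der)          # Certificate ::= SEQUENCE
    _, tbs, _ = der_tlv(cert)               # tbsCertificate is its first element
    pos = 0
    tag, _, end = der_tlv(tbs, pos)
    if tag == 0xA0:                         # optional EXPLICIT [0] version
        pos = end
    for _ in range(5):                      # serialNumber, signature, issuer, validity, subject
        _, _, pos = der_tlv(tbs, pos)
    _, _, end = der_tlv(tbs, pos)
    return tbs[pos:end]                     # exactly the bytes selector 1 hashes

def record_matches(rdata, presented_spki):
    """What a DANE-EE client checks: the presented SPKI hashes to the published rdata."""
    return rdata == tlsa_3_1_1(presented_spki)

# Constructed sample: an Ed25519-shaped SPKI (RFC 8410 header) with placeholder key bytes.
BARE_KEY = bytes(range(32))
SPKI = bytes.fromhex("302a300506032b6570032100") + BARE_KEY
ED25519_ALG = bytes.fromhex("300506032b6570")
# Constructed certificate skeleton: empty issuer/validity/subject, empty signature.
CERT = der_seq(
    der_seq(b"\xa0\x03\x02\x01\x02", b"\x02\x01\x01", ED25519_ALG,
            b"\x30\x00", b"\x30\x00", b"\x30\x00", SPKI),
    ED25519_ALG, b"\x03\x01\x00")

if __name__ == "__main__":
    rdata = tlsa_3_1_1(SPKI)
    print("example. IN TLSA", rdata)
    print("bare key matches:   ", record_matches(rdata, SPKI))
    print("certificate matches:", record_matches(rdata, spki_from_certificate(CERT)))
```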

_______________________________________________
dane mailing list
https://www.ietf.org/mailman/listinfo/dane