https://www.ietf.org/rfc/rfc9103.html#name-mutual-tls tells me how I could use mutual TLS to authenticate (and I think, authorize) a zone transfer.
What it does not tell me is whether there should be any Extended Key Usage bits set on the certificates. Are the WebServer/WebClient required? forbidden? tolerated? -- Michael Richardson <[email protected]> . o O ( IPv6 IøT consulting ) Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
