A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Transport Layer Security of the IETF.
Title : A DANE Record and DNSSEC Authentication Chain
Extension for TLS
Authors : Melinda Shore
Richard Barnes
Shumon Huque
Willem Toorop
Filename : draft-ietf-tls-dnssec-chain-extension-02.txt
Pages : 14
Date : 2017-01-11
Abstract:
This draft describes a new TLS extension for transport of a DNS
record set serialized with the DNSSEC signatures needed to
authenticate that record set. The intent of this proposal is to
allow TLS clients to perform DANE authentication of a TLS server
certificate without needing to perform additional DNS record lookups.
It will typically not be used for general DNSSEC validation of TLS
endpoint names.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-tls-dnssec-chain-extension/
There's also a htmlized version available at:
https://tools.ietf.org/html/draft-ietf-tls-dnssec-chain-extension-02
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-tls-dnssec-chain-extension-02
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
TLS mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tls
