A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Transport Layer Security WG of the IETF.
Title : A DANE Record and DNSSEC Authentication Chain
Extension for TLS
Authors : Melinda Shore
Richard Barnes
Shumon Huque
Willem Toorop
Filename : draft-ietf-tls-dnssec-chain-extension-05.txt
Pages : 23
Date : 2017-10-29
Abstract:
This draft describes a new TLS extension for transport of a DNS
record set serialized with the DNSSEC signatures needed to
authenticate that record set. The intent of this proposal is to
allow TLS clients to perform DANE authentication of a TLS server
without needing to perform additional DNS record lookups. It will
typically not be used for general DNSSEC validation of TLS endpoint
names.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-tls-dnssec-chain-extension/
There are also htmlized versions available at:
https://tools.ietf.org/html/draft-ietf-tls-dnssec-chain-extension-05
https://datatracker.ietf.org/doc/html/draft-ietf-tls-dnssec-chain-extension-05
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-tls-dnssec-chain-extension-05
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
TLS mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tls
