On Wed, Jun 25, 2014 at 08:47:48AM -0400, Michael Richardson wrote:
> My impression is that this document does not require any new assigned
> numbers or protocol values, but rather simply explains how a raw key can be
> contained in a minimal DER encoded format such that it can be contained in
> the TLSA record.
More typically, the record will hold a digest, not the full key.
Matching type Full(0) is not recommended, at least for RSA keys,
which are quite large.
> Mention of a way to validate a key by hash is mentioned, but I'm unclear how
> that works from my first reading.
The peer presents the key in-band (TLS handshake, for example).
The client checks that the key matches the hash in the TLSA record.
The TLSA record is a binding between a DNS name and a public key,
so a binding to a key digest (given a strong digest) is just as
good.
--
Viktor.
_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
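The hash-based matching described in the reply above, as an added illustration (not code from the thread or from any DANE implementation): a client computes the TLSA association data from the key the peer presented in-band and compares it with the record. The DER SubjectPublicKeyInfo below is a constructed sample in the Ed25519 layout with a made-up key value, and the function names are this example's own.

```python
import hashlib
import hmac

# TLSA matching types (RFC 6698, section 2.1.3): how the association data in
# the record relates to the data selected from what the peer presents.
MATCHING_FULL = 0     # record carries the whole selected data
MATCHING_SHA256 = 1   # record carries its SHA-256 digest
MATCHING_SHA512 = 2   # record carries its SHA-512 digest

# Constructed sample: a SubjectPublicKeyInfo in minimal DER form using the
# Ed25519 layout (SEQUENCE { SEQUENCE { OID 1.3.101.112 }, BIT STRING key }).
# The 32 key bytes are a made-up byte pattern, not a real key.
SAMPLE_SPKI = bytes.fromhex("302a300506032b6570032100") + bytes(range(32))


def association_data(selected: bytes, matching_type: int) -> bytes:
    """What the TLSA record should carry for the selected data."""
    if matching_type == MATCHING_FULL:
        return selected
    if matching_type == MATCHING_SHA256:
        return hashlib.sha256(selected).digest()
    if matching_type == MATCHING_SHA512:
        return hashlib.sha512(selected).digest()
    raise ValueError(f"unknown matching type {matching_type}")


def make_tlsa_rdata(selected: bytes, usage: int = 3, selector: int = 1,
                    matching_type: int = MATCHING_SHA256) -> str:
    """Render a TLSA record in presentation format: 'usage selector mtype hex'."""
    data = association_data(selected, matching_type)
    return f"{usage} {selector} {matching_type} {data.hex()}"


def parse_tlsa_rdata(rdata: str):
    """Split presentation format into (usage, selector, matching_type, data)."""
    usage, selector, matching_type, hexdata = rdata.split(None, 3)
    # Zone files may break the hex across whitespace; join before decoding.
    data = bytes.fromhex("".join(hexdata.split()))
    return int(usage), int(selector), int(matching_type), data


def tlsa_matches(rdata: str, presented: bytes) -> bool:
    """Client-side check: does the in-band data match this TLSA record?

    `presented` is the data already chosen by the record's selector: the
    full certificate DER for selector 0, or the SubjectPublicKeyInfo DER
    for selector 1 (the raw-key case discussed in the thread).
    """
    _usage, selector, matching_type, expected = parse_tlsa_rdata(rdata)
    if selector not in (0, 1):
        return False  # unknown selector: record is unusable, so no match
    try:
        computed = association_data(presented, matching_type)
    except ValueError:
        return False  # unknown matching type: likewise unusable
    # Constant-time comparison, so a mismatch does not leak how many
    # leading bytes agreed.
    return hmac.compare_digest(computed, expected)


def rdata_length(rdata: str) -> int:
    """Size in bytes of the record's association data on the wire."""
    return len(parse_tlsa_rdata(rdata)[3])
```

For the 44-byte sample key, a Full(0) record is only slightly larger than a SHA-256 digest record (44 versus 32 bytes of association data); for an RSA key the SubjectPublicKeyInfo runs to several hundred bytes, which is the size concern behind preferring a digest.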