On Fri, 27 Jun 2014, Viktor Dukhovni wrote:

On Wed, Jun 25, 2014 at 08:47:48AM -0400, Michael Richardson wrote:

My impression is that this document does not require any new assigned
numbers or protocol values, but rather simply explains how a raw key can be
contained in a minimal DER encoded format such that it can be contained in
the TLSA record.

More typically, the record will hold a digest, not the full key.

That's one use - not the exclusive use. A TLSA record can also be
used to securely publish public keys.

Matching type Full(0) is not recommended, at least for RSA keys,
which are quite large.

Perhaps for use with TLS yes, because the public key is transferred
within TLS already. That might not be true of other protocols that
would like to look up a public key structure with DANE/DNSSEC.

Mention of a way to validate a key by hash is mentioned, but I'm unclear how
that works from my first reading.

The peer presents the key in-band (TLS handshake, for example).
The client checks that the key matches the hash in the TLSA record.
The TLSA record is a binding between a DNS name and a public key,
so a binding to a key digest (given a strong digest) is just as
good.

That's right.

Paul
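The two record forms discussed above, Full(0) publishing the DER SubjectPublicKeyInfo itself versus a digest of it, and the client-side check that the key presented in-band matches the TLSA data, as an added example that is not part of this thread. Field values follow RFC 6698 (selector 1 = SPKI; matching types 0/1/2 = Full/SHA-256/SHA-512); the sample SPKI bytes are constructed for illustration and do not encode a valid curve point.

```python
import hashlib
import hmac
from dataclasses import dataclass

# RFC 6698 field values used here.
SELECTOR_CERT, SELECTOR_SPKI = 0, 1
MATCH_FULL, MATCH_SHA256, MATCH_SHA512 = 0, 1, 2

# Constructed sample: P-256 SubjectPublicKeyInfo framing with a dummy point
# (structure only, not a real key). 91 bytes of DER.
SAMPLE_SPKI = (bytes.fromhex("3059301306072a8648ce3d020106082a8648ce3d030107034200")
               + b"\x04" + bytes(range(64)))

@dataclass(frozen=True)
class TLSA:
    usage: int
    selector: int
    matching_type: int
    data: bytes  # certificate association data (full DER or a digest)

def _associate(matching_type: int, selected: bytes) -> bytes:
    """Derive the association data for the selected bytes (here: the SPKI DER)."""
    if matching_type == MATCH_FULL:
        return selected  # Full(0): the DER itself goes into the record
    if matching_type == MATCH_SHA256:
        return hashlib.sha256(selected).digest()
    if matching_type == MATCH_SHA512:
        return hashlib.sha512(selected).digest()
    raise ValueError(f"unsupported matching type {matching_type}")

def tlsa_from_spki(usage: int, matching_type: int, spki_der: bytes) -> TLSA:
    """Publisher side: build a selector-1 TLSA record for a public key."""
    return TLSA(usage, SELECTOR_SPKI, matching_type, _associate(matching_type, spki_der))

def to_presentation(rec: TLSA) -> str:
    """RFC 6698 presentation format: 'usage selector mtype hexdata'."""
    return f"{rec.usage} {rec.selector} {rec.matching_type} {rec.data.hex()}"

def parse_tlsa(presentation: str) -> TLSA:
    """Parse presentation format; hex data may be split across whitespace."""
    usage, selector, mtype, *hexparts = presentation.split()
    return TLSA(int(usage), int(selector), int(mtype), bytes.fromhex("".join(hexparts)))

def matches(rec: TLSA, presented_spki_der: bytes) -> bool:
    """Client side: does the key presented in-band match the DNSSEC-validated record?"""
    if rec.selector != SELECTOR_SPKI:
        return False  # this example only handles the SPKI selector
    try:
        expected = _associate(rec.matching_type, presented_spki_der)
    except ValueError:
        return False  # unknown matching type: treat as unusable, not as a match
    return hmac.compare_digest(expected, rec.data)
```

With a digest record the client still needs the peer to send the key in-band; with Full(0) the record alone carries it, at the cost of a record as long as the DER key.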

_______________________________________________
dane mailing list
https://www.ietf.org/mailman/listinfo/dane