On Mon, Jun 13, 2022 at 10:42:51AM -0400, Daniel Migault wrote: > I sent this question regarding the use of SPKI Fingerprints to the > add mailing list, but I am also eventually interested to feed backs not > necessarily restricted to encrypted resolvers. > > RFC 7858 (DNS over TLS) indicates the use of SPKI Fingerprints in an > analogous manner to that described in RFC7469 (public KEy Pinning extension > for HTTP). I am wondering if anyone is aware of implementation considering > SPKI Fingerprints for or if such usage is not something we would like to > recommend/deprecate.
SPKI fingerprints are used in DANE, specifically either: * DANE-EE(3) SPKI(1) SHA2-256(1)/SHA2-512(2) records * PKIX-EE(1) SPKI(1) SHA2-256(1)/SHA2-512(2) records Since the TLSA records are published by the service operator, questions about stale data largely go away, modulo a small fraction of negligent operators (in SMTP stale TLSA records are seen for ~1% of MX hosts, but more importantly, only 0.0053% of DANE-enabled domains). Also, OpenSSL supports use of SPKI fingerprints for peer certificate verification, because "TLSA record" lookups are left up to the application, which feeds these into the SSL handle prior to the handshake. This makes it possible to synthesise TLSA "[31] 1 [12]" records corresponding to an SPKI fingerprint, and use these in peer certificatre chain verification. Postfix, for example, has a "fingerprint" TLS "security level", in which the peer is authentication via a locally specified SPKI fingerprint, and this actually implemented on top of the OpenSSL DANE API via the above mentioned synthetic TLSA records. -- VIktor. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls