Using DNS-Based Authentication of Named Entities (DANE) TLSA records with SRV and MX records.
|The information below is for an old version of the document|
|Document||Type||Expired Internet-Draft (dane WG)|
|Last updated||2013-08-29 (latest revision 2013-02-25)|
|Stream||Internet Engineering Task Force (IETF)|
Expired & archivedpdf htmlized bibtex
|Stream||WG state||WG Document|
|Send notices to||(None)|
The DANE specification [RFC6698] describes how to use TLSA resource records in the DNS to associate a server's host name with its TLS certificate. The association is secured with DNSSEC. Some application protocols can use SRV records [RFC2782] to indirectly name the server hosts for a service domain. (SMTP uses MX records for the same purpose.) This specification gives generic instructions for how these application protocols locate and use TLSA records. Separate documents give the details that are specific to particular application protocols.
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)