RFC 6698
E831087
RFC 6698 is the Internet standard that specifies the DNS-Based Authentication of Named Entities (DANE) protocol, which uses DNSSEC to associate TLS certificates with domain names.
All labels observed (1)
| Label | Occurrences |
|---|---|
| RFC 6698 canonical | 1 |
Statements (48)
| Predicate | Object |
|---|---|
| instanceOf |
Internet standard
ⓘ
Request for Comments ⓘ |
| addressesProblem | authentication of TLS endpoints without exclusive reliance on public CA PKI ⓘ |
| appliesTo |
DNS resolvers
ⓘ
TLS clients ⓘ TLS servers ⓘ |
| area | Security ⓘ |
| category | Standards Track ⓘ |
| defines |
TLSA DNS resource record format
NERFINISHED
ⓘ
TLSA certificate usage field ⓘ TLSA matching type field ⓘ TLSA selector field ⓘ |
| definesAcronym | DANE NERFINISHED ⓘ |
| definesProtocol | DNS-Based Authentication of Named Entities NERFINISHED ⓘ |
| documentType | Standards Track specification ⓘ |
| enables |
alternative trust model to traditional CA hierarchy
ⓘ
pinning of TLS keys via DNSSEC ⓘ |
| hasSuccessor | RFC 9102 NERFINISHED ⓘ |
| intendedFor |
TLS service operators
ⓘ
operators of DNS zones ⓘ security protocol implementers ⓘ |
| language | English ⓘ |
| number | 6698 ⓘ |
| obsoletedBy | RFC 9102 NERFINISHED ⓘ |
| obsoletes | None ⓘ |
| primaryPurpose | to bind X.509 certificates to DNS names using DNSSEC ⓘ |
| publishedBy | Internet Engineering Task Force ⓘ |
| publishedIn | RFC series ⓘ |
| relatedTo |
DNS resource records
ⓘ
Domain Name System NERFINISHED ⓘ Public Key Infrastructure NERFINISHED ⓘ X.509 certificates NERFINISHED ⓘ |
| relatesToProtocol |
TLS
NERFINISHED
ⓘ
Transport Layer Security NERFINISHED ⓘ |
| securityModel | DNSSEC-based authentication for TLS ⓘ |
| shortTitle | DNS-Based Authentication of Named Entities (DANE) for TLS NERFINISHED ⓘ |
| specifiesResourceRecordType | TLSA NERFINISHED ⓘ |
| standardizes | association of TLS certificates with domain names via DNSSEC ⓘ |
| status |
Internet Standard
ⓘ
Standards Track RFC ⓘ |
| stream |
Internet Engineering Task Force
ⓘ
surface form:
IETF
|
| title | The DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol: TLSA NERFINISHED ⓘ |
| topic |
DNS-based authentication
ⓘ
Internet security ⓘ TLS certificate validation ⓘ |
| usesTechnology |
DNS Security Extensions
NERFINISHED
ⓘ
DNSSEC NERFINISHED ⓘ |
| workingGroup | DNS-based Authentication of Named Entities NERFINISHED ⓘ |
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.