RFC 7671
E832821
RFC 7671 is an Internet Engineering Task Force (IETF) standard that specifies operational and security guidelines for using DNS-Based Authentication of Named Entities (DANE) with TLS.
All labels observed (1)
| Label | Occurrences |
|---|---|
| RFC 7671 canonical | 1 |
Statements (48)
| Predicate | Object |
|---|---|
| instanceOf |
IETF Request for Comments
ⓘ
Internet standard ⓘ |
| aimsTo |
improve security of TLS authentication using DNSSEC
ⓘ
provide guidance for safe DANE deployment ⓘ |
| appliesTo |
STARTTLS protocols
NERFINISHED
ⓘ
TLS over TCP ⓘ application protocols using TLS ⓘ |
| area |
Applications
ⓘ
Security ⓘ |
| BCPNumber | BCP 188 NERFINISHED ⓘ |
| category | Best Current Practice ⓘ |
| defines |
operational guidelines for DANE
ⓘ
security guidelines for DANE ⓘ |
| focusesOn |
TLS server authentication using DNSSEC
ⓘ
use of DANE with TLS ⓘ validation of TLSA records ⓘ |
| format | text ⓘ |
| intendedFor |
TLS service operators
ⓘ
application developers using DANE ⓘ operators of DNSSEC-signed zones ⓘ security practitioners ⓘ |
| language | English ⓘ |
| obsoletes | none ⓘ |
| partOf | DANE specification family ⓘ |
| publishedBy |
Internet Engineering Task Force
ⓘ
surface form:
IETF
Internet Engineering Task Force ⓘ |
| relatedTo |
DNSSEC
NERFINISHED
ⓘ
PKIX NERFINISHED ⓘ RFC 6698 NERFINISHED ⓘ TLS server identity verification ⓘ |
| relatesToProtocol |
DANE
NERFINISHED
ⓘ
DNS-Based Authentication of Named Entities NERFINISHED ⓘ TLS NERFINISHED ⓘ Transport Layer Security NERFINISHED ⓘ |
| specifies |
client behavior when processing TLSA records
ⓘ
error handling for DANE validation failures ⓘ interaction of DANE with PKIX ⓘ operational practices for publishing TLSA records ⓘ security considerations for DANE deployments ⓘ server behavior when deploying DANE for TLS ⓘ use of TLSA records with different certificate usages ⓘ |
| standardizes |
client processing rules for TLSA records
ⓘ
server deployment practices for DANE ⓘ |
| status | Internet standard ⓘ |
| stream |
Internet Engineering Task Force
ⓘ
surface form:
IETF
|
| title | The DNS-Based Authentication of Named Entities (DANE) Protocol: Updates and Operational Guidance NERFINISHED ⓘ |
| updates | RFC 6698 ⓘ |
| usesMechanism | DNSSEC NERFINISHED ⓘ |
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.