RFC 7672
E833407
RFC 7672 is an Internet standards document that specifies how to use DNS-Based Authentication of Named Entities (DANE) with SMTP to provide secure email transport.
All labels observed (2)
Statements (45)
| Predicate | Object |
|---|---|
| instanceOf |
Internet standards document
ⓘ
Request for Comments ⓘ |
| aimsTo |
improve security of SMTP transport encryption
ⓘ
reduce reliance on traditional public CA infrastructure for SMTP TLS ⓘ |
| applicationLayer | SMTP ⓘ |
| appliesTo |
SMTP clients
ⓘ
SMTP servers ⓘ mail transfer agents ⓘ |
| area |
Applications
ⓘ
Security ⓘ |
| category | Standards Track ⓘ |
| definesConcept |
DANE-verified TLS for SMTP
ⓘ
opportunistic DANE TLS ⓘ |
| definesMechanism |
opportunistic DANE TLS for SMTP
ⓘ
use of DANE with SMTP for TLS ⓘ use of DNS-Based Authentication of Named Entities with SMTP ⓘ |
| focusesOn |
SMTP server authentication using DANE
ⓘ
opportunistic encryption for SMTP ⓘ secure email transport ⓘ |
| identifier | RFC 7672 NERFINISHED ⓘ |
| intendedUse | Internet email security ⓘ |
| obsoletedBy | none ⓘ |
| obsoletes | none ⓘ |
| protocol |
SMTP
NERFINISHED
ⓘ
Simple Mail Transfer Protocol NERFINISHED ⓘ |
| publishedBy |
Internet Engineering Task Force
ⓘ
surface form:
IETF
Internet Engineering Task Force ⓘ |
| relatedTo |
DANE protocol
NERFINISHED
ⓘ
DNSSEC NERFINISHED ⓘ RFC 3207 NERFINISHED ⓘ RFC 6698 NERFINISHED ⓘ |
| securityProperty |
enables authenticated TLS for SMTP using DNSSEC
ⓘ
prevents downgrade attacks on SMTP TLS when DANE is used ⓘ |
| specifiesUseOf | TLSA DNS resource records ⓘ |
| standardizes |
procedures for SMTP clients to use TLSA records
ⓘ
procedures for SMTP servers to publish TLSA records ⓘ |
| status | Proposed Standard ⓘ |
| stream |
Internet Engineering Task Force
ⓘ
surface form:
IETF
|
| title | SMTP Security via Opportunistic DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) NERFINISHED ⓘ |
| transportLayer | TCP NERFINISHED ⓘ |
| usesTechnology |
DANE
NERFINISHED
ⓘ
DNS-Based Authentication of Named Entities NERFINISHED ⓘ DNSSEC NERFINISHED ⓘ TLS NERFINISHED ⓘ Transport Layer Security NERFINISHED ⓘ |
Referenced by (2)
Full triples — surface form annotated when it differs from this entity's canonical label.