{"draft":"draft-ietf-dane-protocol-23","doc_id":"RFC6698","title":"The DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol: TLSA","authors":["P. Hoffman","J. Schlyter"],"format":["ASCII","HTML"],"page_count":"37","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"DNS-based Authentication of Named Entities","abstract":"Encrypted communication on the Internet often uses Transport Layer\r\nSecurity (TLS), which depends on third parties to certify the keys\r\nused.  This document improves on that situation by enabling the\r\nadministrators of domain names to specify the keys used in that\r\ndomain's TLS servers.  This requires matching improvements in TLS\r\nclient software, but no change in TLS server software.  [STANDARDS-TRACK]","pub_date":"August 2012","keywords":["[--------]","DNSSEC","certificates","public keys","PKI"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":["RFC7218","RFC7671","RFC8749"],"see_also":[],"doi":"10.17487\/RFC6698","errata_url":"https:\/\/www.rfc-editor.org\/errata\/rfc6698"}