DNS-Based Authentication of Named Entities (DANE) Bindings for OpenPGP

Wouters, Paul

doi:10.17487/rfc7929

Cited by 15 publications

(15 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Note that the information returned in the SMIMEA record might be for the end entity certificate, or it might be for the trust anchor or an intermediate certificate. This mechanism is similar to the one given in [RFC7929] for OpenPGP.…”

Section: The Smimea Resource Recordsupporting

confidence: 79%

“…This document describes a mechanism for associating a user's certificate with the domain that is similar to that described in DANE itself [RFC6698], as updated by [RFC7218] and [RFC7671]; it is also similar to the mechanism given in [RFC7929] for OpenPGP. Most of the operational and security considerations for using the mechanism in this document are described in RFC 6698 and are not described here at all.…”

Section: Rfc 8162 Dns-based Authentication For S/mimementioning

confidence: 99%

“…A great deal of material in this document is copied from [RFC7929]. That material was created by Paul Wouters and other participants in the IETF DANE WG.…”

Section: Acknowledgementsmentioning

confidence: 99%

See 2 more Smart Citations

Using Secure DNS to Associate Certificates with Domain Names for S/MIME

Schlyter¹,

Hoffman²

2017

View full text Add to dashboard Cite

show abstract

Section: The Smimea Resource Recordsupporting

confidence: 79%

Section: Rfc 8162 Dns-based Authentication For S/mimementioning

confidence: 99%

See 1 more Smart Citation

Using Secure DNS to Associate Certificates with Domain Names for S/MIME

Schlyter¹,

Hoffman²

2017

View full text Add to dashboard Cite

show abstract

“…Traditionally, this was done using dedicated key/certificate servers, LDAP servers, etc., but these methods are not always easy to deploy and standardize for every enterprise. �ese certificates can be published through the DNS by a different implementation of the DANE mechanism for S/MIME [RFC8162] and OpenPGP [RFC7929]. S/MIME and OpenPGP, with their strengthening by DANE authentication are discussed below.…”

Section: End-to-end Authentication Using S/mime Digital Signaturesmentioning

confidence: 99%

“…A renewed interest in personal control over email authentication and encryption has led to further work within the IETF on key sharing, and the DANE mechanism [RFC7929] is being adopted to place a domain and user's public key in an OPENPGPKEY record in the DNS. Unlike DANE/TLS and SMIMEA, OPENPGPKEY does not use X.509 certificates, or require full PKIX authentication as an option.…”

Section: Openpgp and Openpgpkeymentioning

confidence: 99%

Trustworthy email

Rose¹,

Nightingale²,

Garfinkel³

et al. 2019

View full text Add to dashboard Cite

Authority �is publication has been developed by NIST in accordance with its statutory responsibilities under the Federal Information Security Modernization Act (FISMA) of 2014, 44 U.S.C. § 3551 et seq., Public Law (P.L.) 113-283. NIST is responsible for developing information security standards and guidelines, including minimum requirements for federal information systems, but such standards and guidelines shall not apply to national security systems without the express approval of appropriate federal officials exercising policy authority over such systems. �is guideline is consistent with the requirements of the Office of Management and Budget (OMB) Circular A-130, Section 8b(3), Securing Agency Information Systems, as analyzed in Circular A-130, Appendix IV: Analysis of Key Sections. Supplemental information is provided in Circular A-130, Appendix III, Security of Federal Automated Information Resources. Nothing in this publication should be taken to contradict the standards and guidelines made mandatory and binding on federal agencies by the Secretary of Commerce under statutory authority. Nor should these guidelines be interpreted as altering or superseding the existing authorities of the Secretary of Commerce, Director of the OMB, or any other federal official. �is publication may be used by nongovernmental organizations on a voluntary basis and is not subject to copyright in the United States. Attribution would, however, be appreciated by NIST.

show abstract

Bibliography

2017

DNS Security Management

View full text Add to dashboard Cite

DNS-Based Authentication of Named Entities (DANE) Bindings for OpenPGP

Cited by 15 publications

References 10 publications

Using Secure DNS to Associate Certificates with Domain Names for S/MIME

Using Secure DNS to Associate Certificates with Domain Names for S/MIME

Trustworthy email

Bibliography

Contact Info

Product

Resources

About