On 08/22/2015 05:27 AM, Viktor Dukhovni wrote:
On Sat, Aug 22, 2015 at 05:24:03AM -0700, Alice Wonder wrote:

The certificate is a 1 0 1 and not a 3 0 1

It seems to suggest that I change the TLSA record to 3 0 1

Or even better a "3 1 1".

Why is hash of SubjectPublicKeyInfo preferred over hash of the actual
certificate?

https://tools.ietf.org/html/draft-ietf-dane-ops-16#section-5.1

    More specifically, it is RECOMMENDED that at most sites TLSA records
    published for DANE servers be "DANE-EE(3) SPKI(1) SHA2-256(1)"
    records.  Selector SPKI(1) is chosen because it is compatible with
    raw public keys ([RFC7250]) and the resulting TLSA record need not
    change across certificate renewals with the same key.  Matching type
    SHA2-256(1) is chosen because all DANE implementations are required
    to support SHA2-256.


Okay thanks, I'm now getting into the practice of generating new private keys once a year anyway, just because there have been exploits in the past (e.g. Heartbleed) that allowed private key compromise remotely. So ease of re-issue isn't an issue for me.
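Worked example of the point the draft makes: a "3 1 1" record hashes only the DER-encoded SubjectPublicKeyInfo, so it survives a renewal that keeps the same key, while a "3 0 1" record hashes the whole certificate and changes on every renewal. This is an added example, not code from either poster or from any DANE tool. It is pure Python with no third-party modules: a small DER encoder builds two certificate-shaped structures (constructed test data with a placeholder signature, not real X.509 certificates) that share one SPKI, and a small DER walker pulls the SPKI back out the way a TLSA generator does on a real DER certificate. The key bytes, names, serials and dates are all constructed.

```python
"""TLSA "3 0 1" vs "3 1 1" across a same-key renewal (added example, constructed data)."""
import hashlib

# ---------- minimal DER encoder ----------
def der_len(n):
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def tlv(tag, value):
    return bytes([tag]) + der_len(len(value)) + value

def seq(*items):
    return tlv(0x30, b"".join(items))

def integer(n):
    # two's complement, minimal length; a leading 0x00 keeps large values positive
    return tlv(0x02, n.to_bytes((n.bit_length() + 8) // 8, "big", signed=True))

def oid(dotted):
    parts = [int(p) for p in dotted.split(".")]
    out = bytearray([40 * parts[0] + parts[1]])
    for p in parts[2:]:
        chunk = [p & 0x7F]
        p >>= 7
        while p:
            chunk.append(0x80 | (p & 0x7F))
            p >>= 7
        out.extend(reversed(chunk))
    return tlv(0x06, bytes(out))

def bit_string(data):
    return tlv(0x03, b"\x00" + data)  # zero unused bits

def cn_name(cn):
    # Name ::= SEQUENCE OF SET OF AttributeTypeAndValue, here a single commonName
    return seq(tlv(0x31, seq(oid("2.5.4.3"), tlv(0x0C, cn.encode()))))

def utc_time(s):
    return tlv(0x17, s.encode())

ED25519_ALG = seq(oid("1.3.101.112"))   # AlgorithmIdentifier for Ed25519
SAMPLE_PUBKEY = bytes(range(32))         # constructed stand-in for a raw 32-byte Ed25519 public key

def make_spki(raw_pubkey):
    """SubjectPublicKeyInfo ::= SEQUENCE { algorithm, subjectPublicKey BIT STRING }"""
    return seq(ED25519_ALG, bit_string(raw_pubkey))

def make_cert(serial, not_before, not_after, spki, name="mail.example.com"):
    """Certificate-shaped DER with a placeholder signature (constructed test data, not a real cert)."""
    tbs = seq(
        tlv(0xA0, integer(2)),                           # [0] EXPLICIT version v3
        integer(serial),
        ED25519_ALG,                                     # signature algorithm
        cn_name(name),                                   # issuer
        seq(utc_time(not_before), utc_time(not_after)),  # validity
        cn_name(name),                                   # subject
        spki,
    )
    placeholder_sig = bit_string(hashlib.sha512(tbs).digest())  # NOT a real signature
    return seq(tbs, ED25519_ALG, placeholder_sig)

# ---------- minimal DER walker ----------
def der_header(buf, pos):
    """Return (tag, value_start, value_end) for the TLV at pos; handles long-form lengths."""
    tag, ln, pos = buf[pos], buf[pos + 1], pos + 2
    if ln & 0x80:
        nbytes = ln & 0x7F
        ln = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    return tag, pos, pos + ln

def der_children(buf, start, end):
    """Yield (tag, elem_start, elem_end) for each element inside a constructed value."""
    pos = start
    while pos < end:
        tag, _, ve = der_header(buf, pos)
        yield tag, pos, ve
        pos = ve

def extract_spki(cert_der):
    """Return the DER-encoded SubjectPublicKeyInfo (header included) from a DER certificate."""
    tag, cs, ce = der_header(cert_der, 0)
    assert tag == 0x30, "Certificate must be a SEQUENCE"
    _, tbs_start, _ = next(der_children(cert_der, cs, ce))
    _, ts, te = der_header(cert_der, tbs_start)
    fields = list(der_children(cert_der, ts, te))
    idx = 6 if fields[0][0] == 0xA0 else 5   # version [0] is optional; SPKI follows subject
    tag, s, e = fields[idx]
    assert tag == 0x30, "SubjectPublicKeyInfo must be a SEQUENCE"
    return cert_der[s:e]

# ---------- TLSA rdata ----------
def tlsa_rdata(cert_der, usage, selector, mtype=1):
    """Presentation-format rdata '<usage> <selector> <mtype> <hex>' for Cert(0)/SPKI(1) selectors."""
    data = cert_der if selector == 0 else extract_spki(cert_der)
    digests = {0: lambda d: d.hex(),                       # Full(0): no hash
               1: lambda d: hashlib.sha256(d).hexdigest(),  # SHA2-256(1)
               2: lambda d: hashlib.sha512(d).hexdigest()}  # SHA2-512(2)
    return f"{usage} {selector} {mtype} {digests[mtype](data)}"

def renewed_pair():
    """Two 'renewals' of one key: different serial and validity, identical SPKI."""
    spki = make_spki(SAMPLE_PUBKEY)
    return (make_cert(0x1001, "150822000000Z", "160822000000Z", spki),
            make_cert(0x2002, "160801000000Z", "170801000000Z", spki))

if __name__ == "__main__":
    for label, cert in zip(("2015 cert", "2016 renewal, same key"), renewed_pair()):
        print(f"{label}\n  3 0 1: {tlsa_rdata(cert, 3, 0)}\n  3 1 1: {tlsa_rdata(cert, 3, 1)}")
```

Run stand-alone, the two "3 1 1" lines are identical and the two "3 0 1" lines differ. For a real PEM certificate the equivalent of `extract_spki` plus SHA-256 is `openssl x509 -in cert.pem -noout -pubkey | openssl pkey -pubin -outform DER | openssl dgst -sha256`, and `openssl x509 -in cert.pem -outform DER | openssl dgst -sha256` gives the "3 0 1" digest. Note that the stability argument only covers same-key renewals: when the key itself is rotated, as in the yearly practice described above, the "3 1 1" digest changes too, so the new record has to be published (alongside the old one) before the new key goes live.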
