Recently I have been in a discussion about DNS RRs that hold X.509 certificates.

I am asking this here, as I *think* there may be some knowledge here without me joining other lists...

I was aware of DANE's RFC 6698, which holds either X.509 certs or SubjectPublicKeyInfo.

But I was pointed at RFC 4398, which does NOT handle SubjectPublicKeyInfo, but handles X.509 and other formats.

Interesting that they both end in '98', and this is way after Jon was around seeing to how RFC numbers were assigned :)

What was the deciding point not to use 4398 for DANE (and now DANCE)?

What is 4398 currently used for? Why was it not just updated to add SubjectPublicKeyInfo rather than add a new RR?

And then there is RFC 7250, which references 6698...

Thank you.


_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
