DNS-Based Authentication of Named Entities (DANE) Parameters
- Created
- 2012-06-28
- Last Updated
- 2014-04-23
- Available Formats
-
XML
HTML
Plain text
Registries included below
TLSA Certificate Usages
- Registration Procedure(s)
-
RFC Required
- Reference
- [RFC6698][RFC7218]
- Available Formats
-
CSV
| Value |
Acronym |
Short Description |
Reference |
| 0 |
PKIX-TA |
CA constraint |
[RFC6698] |
| 1 |
PKIX-EE |
Service certificate constraint |
[RFC6698] |
| 2 |
DANE-TA |
Trust anchor assertion |
[RFC6698] |
| 3 |
DANE-EE |
Domain-issued certificate |
[RFC6698] |
| 4-254 |
|
Unassigned |
|
| 255 |
PrivCert |
Reserved for Private Use |
[RFC6698] |
TLSA Selectors
- Registration Procedure(s)
-
Specification Required
- Expert(s)
-
Unassigned
- Reference
- [RFC6698][RFC7218]
- Available Formats
-
CSV
| Value |
Acronym |
Short Description |
Reference |
| 0 |
Cert |
Full certificate |
[RFC6698] |
| 1 |
SPKI |
SubjectPublicKeyInfo |
[RFC6698] |
| 2-254 |
|
Unassigned |
|
| 255 |
PrivSel |
Reserved for Private Use |
[RFC6698] |
TLSA Matching Types
- Registration Procedure(s)
-
Specification Required
- Expert(s)
-
Unassigned
- Reference
- [RFC6698][RFC7218]
- Available Formats
-
CSV
| Value |
Acronym |
Short Description |
Reference |
| 0 |
Full |
No hash used |
[RFC6698] |
| 1 |
SHA2-256 |
256 bit hash by SHA2 |
[RFC6234] |
| 2 |
SHA2-512 |
512 bit hash by SHA2 |
[RFC6234] |
| 3-254 |
|
Unassigned |
|
| 255 |
PrivMatch |
Reserved for Private Use |
[RFC6698] |
