Authenticating Raw Public Keys with DANE TLSA

Document Type Expired Internet-Draft (dane WG)
Last updated 2015-01-04 (latest revision 2014-07-03)
Stream IETF
Intended RFC status (None)
Expired & archived
pdf htmlized (tools) htmlized bibtex
Stream WG state WG Document
Document shepherd No shepherd assigned
IESG IESG state Expired
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document standardizes how the Domain Name System can authenticate Raw Public Keys. Transport Level Security now has the option to use Raw Public Keys, but they require some form of external authentication. The document updates RFC 6698 to allow the Domain Name System to standardize the authentication of more types of keying material.


John Gilmore (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)