Skip to main content

Credential Confirmation with DNS
draft-steele-spice-tlsa-cnf-00

Document Type Expired Internet-Draft (individual)
Expired & archived
Author Orie Steele
Last updated 2024-12-11 (Latest revision 2024-06-09)
RFC stream (None)
Intended RFC status (None)
Formats
Additional resources GitHub Repository
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:

Abstract

Digital Crededentials on the Internet often JSON Web Token (JWT) and CBOR Web Token (CWT), which depends on third parties to certify the keys used. This document improves on that situation by enabling the administrators of domain names to specify the keys used in that domain's digital credentials. This is accomplished by describing how to discover thumbprints for proof-of-possession keys, as described in RFC 7800 and RFC 8747, using TLSA Records as described in RFC 6698. This approach can be leveraged to develop revocation and assurance capabilities for digital credentials.

Authors

Orie Steele

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)