{"draft":"draft-ietf-dane-srv-14","doc_id":"RFC7673","title":"Using DNS-Based Authentication of Named Entities (DANE) TLSA Records with SRV Records","authors":["T. Finch","M. Miller","P. Saint-Andre"],"format":["ASCII","HTML"],"page_count":"16","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"DNS-based Authentication of Named Entities","abstract":"The DNS-Based Authentication of Named Entities (DANE) specification\r\n(RFC 6698) describes how to use TLSA resource records secured by\r\nDNSSEC (RFC 4033) to associate a server's connection endpoint with\r\nits Transport Layer Security (TLS) certificate (thus enabling\r\nadministrators of domain names to specify the keys used in that\r\ndomain's TLS servers).  However, application protocols that use SRV\r\nrecords (RFC 2782) to indirectly name the target server connection\r\nendpoints for a service domain name cannot apply the rules from RFC\r\n6698.  Therefore, this document provides guidelines that enable such\r\nprotocols to locate and use TLSA records.","pub_date":"October 2015","keywords":[],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC7673","errata_url":null}