Git/email-toolbox-wiki
1
0
Fork 0
mirror of https://github.com/internetstandards/toolbox-wiki.git synced 2024-11-22 02:51:36 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update DANE-for-SMTP-how-to.md

Browse Source
This commit is contained in:
Dennis Baaten 2019-08-28 14:26:22 +02:00 committed by GitHub
parent 93bc52998f
commit 3b2e3d9130
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
DANE-for-SMTP-how-to.md
View File

@ -85,16 +85,18 @@ In short: DANE allows sending mail servers to unconditionally require STARTTLS w
# DANE TLSA record example # DANE TLSA record example
![](DANE-example-TLSA-record.png) ![](DANE-example-TLSA-record.png)
**Usage**: says something about the type of certificate that is used for this TLSA record. **Usage**: says something about the type of certificate that is used for this TLSA record.
2: intermediate / root certificate 2: intermediate / root certificate
3: end-entity certificaat 3: end-entity certificate
**Selector**: this is about the scope of the fingerprint regarding this TLSA record.
0: fingerprint with regard to the full certificate **Selector**: this is about the scope of the fingerprint regarding this TLSA record.
1: fingerprint with regard to the public key 0: fingerprint with regard to the full certificate
**Matching type**: information about the hashing mechanism used for fingeeprint regarding this TLSA record. 1: fingerprint with regard to the public key
0: no hasing, full information
1: SHA2-256 hash **Matching type**: information about the hashing mechanism used for fingeeprint regarding this TLSA record.
2: SHA2-512 hash 0: no hasing, full information
1: SHA2-256 hash
2: SHA2-512 hash
# Advantages of DANE explained by illustrations # Advantages of DANE explained by illustrations
## Mail delivery: TLS without DANE ## Mail delivery: TLS without DANE