On Sat, Mar 08, 2025 at 05:17:01PM -0800, Russ Housley via Datatracker wrote:
> Section 3.3: The text allows the use of [RFC7250] must be used in
> the context of [RFC8446]. How is the requirement for certificates
> accomplished with raw public keys? I am unaware of any way to do so.
Well, FWIW, DANE-EE(3) TLSA records make it possible to validate the the
raw public key of a peer. So mutual TLS authentication is possible with
RFC7250 raw public keys as the "certificate type". But this is not well
known, and might deserve a few sentences if intended to be supported in
some cases.
The TLSA records associated with a server might be published in DNS
(validated via DNSSEC), or might be a matter of local policy (static
client-side configuration).
The TLSA records to authenticate a client's raw public key are much more
likely to be static local policy on the server, but could in principle
also be obtained from DNS if the client identity is DNS-based and this
is supported by the server.
OpenSSL does support authentication of raw public keys (both server and
client) via TLSA records. It is up to the application to provide these,
whether obtained from DNS, locally stored, or synthesised from some
other form (e.g. stored copies of the expected public keys).
Postfix supports authentication of server RPKs, and use of client RPKs
in ACLs based on lookup tables with the public key digest as a key.
$ posttls-finger -c -Lsummary dnssec-stats.ant.isi.edu
posttls-finger: Verified TLS connection established
to dnssec-stats.ant.isi.edu[128.9.29.254]:25:
TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519MLKEM768
server-signature RSA-PSS (2048 bit raw public key)
server-digest SHA256
--
Viktor.
--
last-call mailing list -- last-call@xxxxxxxx
To unsubscribe send an email to last-call-leave@xxxxxxxx
