Back DNS-based Authentication of Named Entities Czech DNS-based Authentication of Named Entities German DNS - based Authentication of Named Entities French DNS-based Authentication of Named Entities Japanese DNS-based Authentication of Named Entities Dutch DANE Russian
| Internet security protocols |
|---|
| Key management |
| Application layer |
| Domain Name System |
| Internet Layer |
DNS-based Authentication of Named Entities (DANE) is an Internet security protocol to allow X.509 digital certificates, commonly used for Transport Layer Security (TLS), to be bound to domain names using Domain Name System Security Extensions (DNSSEC).[1]
It is proposed in RFC 6698 as a way to authenticate TLS client and server entities without a certificate authority (CA). It is updated with operational and deployment guidance in RFC 7671. Application specific usage of DANE is defined in RFC 7672 for SMTP and RFC 7673 for using DANE with Service (SRV) records.
- ^ Samad, Muhammad Alif Adha Bin (October 6, 2011). "DANE: Taking TLS Authentication to the Next Level Using DNSSEC". IETF Journal. Retrieved August 5, 2018.