DNS-based Authentication of Named Entities

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates, commonly used for Transport Layer Security (TLS), to be bound to DNS names using Domain Name System Security Extensions (DNSSEC). It is proposed in as a way to authenticate TLS client and server entities without a certificate authority (CA). It is updated with operational and deployment guidance in . Application specific usage of DANE is defined in for SMTP and for using DANE with Service (SRV) records.

DNS-based Authentication of Named Entities

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates, commonly used for Transport Layer Security (TLS), to be bound to DNS names using Domain Name System Security Extensions (DNSSEC). It is proposed in as a way to authenticate TLS client and server entities without a certificate authority (CA). It is updated with operational and deployment guidance in . Application specific usage of DANE is defined in for SMTP and for using DANE with Service (SRV) records.