Use of the SHA-256 Algorithm with RSA, Digital Signature Algorithm , and Elliptic Curve DSA in SSHFP Resource Records
RFC 6594, “Use of the SHA-256 Algorithm with RSA, Digital Signature Algorithm , and Elliptic Curve DSA in SSHFP Resource Records”, is a Proposed Standard document published in April 2012 by O. Sury. The canonical text is published by the RFC Editor.
Abstract
This document updates the IANA registries in RFC 4255, which defines SSHFP, a DNS Resource Record (RR) that contains a standard Secure Shell (SSH) key fingerprint used to verify SSH host keys using DNS Security Extensions (DNSSEC). This document defines additional options supporting SSH public keys applying the Elliptic Curve Digital Signature Algorithm (ECDSA) and the implementation of fingerprints computed using the SHA-256 message digest algorithm in SSHFP Resource Records. [STANDARDS-TRACK]
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 6594 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 6593 Service Undiscovery Using Hide-and-Go-Seek for the Domain Pseudonym System
- RFC 6595 A Simple Authentication and Security Layer and GSS-API Mechanism for the Security Assertion Markup Language
- RFC 6592 The Null Packet
- RFC 6596 The Canonical Link Relation
- RFC 6591 Authentication Failure Reporting Using the Abuse Reporting Format
- RFC 6597 RTP Payload Format for Society of Motion Picture and Television Engineers ST 336 Encoded Data
- RFC 6590 Redaction of Potentially Sensitive Data from Mail Abuse Reports
- RFC 6598 IANA-Reserved IPv4 Prefix for Shared Address Space