Greetings All,
This draft describes the Certificate Transparency (CT) information of the DNS resolver. It adds a new DNS Resolver Information Key (Follow RFC9606): CT. - CT=1 indicates that the certificate of the encrypted DNS resolver contains embedded SCTs. - CT=2 indicates that the encrypted DNS resolver supports the transparency_info TLS extension. The background certificate hijacking issue: https://arstechnica.com/security/2025/09/mis-issued-certificates-for-1-1-1-1-dns-service-pose-a-threat-to-the-internet/ Best Regards, 潘蓝兰(Pan Lanlan) ---------- Forwarded message --------- 发件人: <[email protected]> Date: 2025年9月5日周五 13:35 Subject: New Version Notification for draft-pan-dnsop-ct-info-of-dns-resolver-00.txt To: Lanlan Pan <[email protected]> A new version of Internet-Draft draft-pan-dnsop-ct-info-of-dns-resolver-00.txt has been successfully submitted by Lanlan Pan and posted to the IETF repository. Name: draft-pan-dnsop-ct-info-of-dns-resolver Revision: 00 Title: Certificate Transparency (CT) information of DNS resolver Date: 2025-09-05 Group: Individual Submission Pages: 4 URL: https://www.ietf.org/archive/id/draft-pan-dnsop-ct-info-of-dns-resolver-00.txt Status: https://datatracker.ietf.org/doc/draft-pan-dnsop-ct-info-of-dns-resolver/ HTMLized: https://datatracker.ietf.org/doc/html/draft-pan-dnsop-ct-info-of-dns-resolver Abstract: This document describes the Certificate Transparency (CT) information of the DNS resolver. The IETF Secretariat
_______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
