Mercurial > prosody-modules
diff mod_s2s_auth_dane/README.markdown @ 1837:6a3b48eded35
mod_s2s_auth_dane/README: Describe DANE uses
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Wed, 09 Sep 2015 17:00:41 +0200 |
parents | 5113f8ff6712 |
children | 1c6d04f012e9 |
line wrap: on
line diff
--- a/mod_s2s_auth_dane/README.markdown Wed Sep 09 17:00:23 2015 +0200 +++ b/mod_s2s_auth_dane/README.markdown Wed Sep 09 17:00:41 2015 +0200 @@ -36,6 +36,20 @@ "s2s_auth_dane"; } +DANE Uses +--------- + +By default, only DANE uses are enabled. + + dane_uses = { "DANE-EE", "DANE-TA" } + + Use flag Description + ----------- ------------------------------------------------------------------------------------------------------- + `DANE-EE` Most simple use, usually a fingerprint of the full certificate or public key used the service + `DANE-TA` Fingerprint of a certificate or public key that has been used to issue the service certificate + `PKIX-EE` Like `DANE-EE` but the certificate must also pass normal PKIX trust checks (ie standard certificates) + `PKIX-TA` Like `DANE-TA` but must also pass normal PKIX trust checks (ie standard certificates) + DNS Setup =========