2.2.2.2.4.26 DNS_RPC_RECORD_TLSA
The DNS_RPC_RECORD_TLSA structure SHOULD<23> specify a TLSA resource record as defined in [RFC6698] section 2. This record MUST be formatted as follows.
|
|
|
|
|
|
|
|
|
|
1 |
|
|
|
|
|
|
|
|
|
2 |
|
|
|
|
|
|
|
|
|
3 |
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
bCertUsage |
bSelector |
bMatchingType |
bCertificateAssociationData |
||||||||||||||||||||||||||||
|
... |
|||||||||||||||||||||||||||||||
bCertUsage (1 byte): Specifies the association used to match the certificate presented during TLS handshake ([RFC6698] section 2.1.1).
bSelector (1 byte): Specifies the part of the TLS certificate which will be matched against the TLS association data ([RFC6698] section 2.1.2.
bMatchingType (1 byte): Specifies how the certificate association is presented ([RFC6698] section 2.1.3).
bCertificateAssociationData (variable): Specifies the certificate association data that is to be matched ([RFC6698] section 2.1.4).