duxsco
Reputation: 361
What is the correct TLSA record for the QUIC protocol?
As QUIC is based on UDP, is the following entry correct?
_443._udp.example.com. 300 IN TLSA 1 0 1 HASH...
Upvotes: 3
Views: 144
Answers (1)
Jonathan Jewell
Reputation: 1
No, it is using the quic transport protocol on 443 for this specific purpose:
_443._quic.example.com. 300 IN TLSA 1 0 1 HASH...
Obviously, substitute all the other bits [example.com, TTL and the various usage, selector, and matching-type to suit.
This might be a useful tool for you, though, if you haven't found the answer in 6 years and 4 months...anyway, so that people who come here can find an answer to it, I thought I'd add something here! I noticed it came up first in a web search on the topic.
https://www.tlsagenerator.com/
Upvotes: 0
Related Questions
- Does the QUIC protocol encrypt ClientHello?
- What does QD stand for in DNS RFC1035
- QUIC-Transfer Protocol need not TLS?
- How to list all DNS records including DANE TLSA
- Wireshark/QUIC - Cannot decrypt QUIC
- Verifying NSEC3 records
- How to setup DNSSEC for DNS records on AWS
- Does http3/quic fall back to tls 1.2 if the browser doesn't support quic?
- dnssec-dsfromkey showing unknown algorithm error
- where and how to submit DNSSEC DS record for a IDN ccTLD