From e54585932e6191e173e67152ca6b5265fd3ca70f Mon Sep 17 00:00:00 2001 From: Hugo Landau Date: Wed, 16 Sep 2015 21:19:30 +0100 Subject: [PATCH 1/3] add SSHFP --- ifa-0001.md | 27 ++++++++++++++++++++++++++- 1 file changed, 26 insertions(+), 1 deletion(-) diff --git a/ifa-0001.md b/ifa-0001.md index b8ee7b6..2b1e56e 100644 --- a/ifa-0001.md +++ b/ifa-0001.md @@ -460,7 +460,7 @@ Except where otherwise specified, any item with a value of `null` SHALL be treat The value for this item SHALL be of one of the following forms: - - An array of zero or more value. Each such value SHALL be a string conforming to the textual format specified in RFC 1876 s. 3 for the type-specific data. + - An array of zero or more values. Each such value SHALL be a string conforming to the textual format specified in RFC 1876 s. 3 for the type-specific data. - A string. Where this form is encountered, it SHALL be substituted with an array containing that string and be processed as though that was what as encountered, as per the above form. 
@@ -473,6 +473,31 @@ Except where otherwise specified, any item with a value of `null` SHALL be treat "loc": "10 Downing Street" + - "sshfp": Used to identify zero or more SSH server key fingerprints. This item shall map to zero or more DNS resource records of type "SSHFP", and is semantically equivalent to that set of resource records. + + The value for this item SHALL be one of the following forms: + + - An array of zero or more items. Each such value shall represent a SSHFP record, and SHALL be of the following form: + + - An array of at least three values. + + The first value SHALL be a non-negative integer expressible in 8 bits expressing the Algorithm field of the SSHFP record (RFC 4255 s. 3.1.1). + + The second value SHALL be a non-negative integer expressible in 8 bits expressing the Fingerprint Type field of the SSHFP record (RFC 4255 s. 3.1.2). + + The third value SHALL be a string containing the base64 encoding of the Fingerprint field of the SSHFP record (RFC 4255 s. 3.1.3). + + The textual expression of this field in RFC 4255 uses hex encoding. Therefore this field must be converted to the correct form by decoding it and reencoding it using base64. + + Any additional values in the array beyond the first four MUST be ignored. + + - A string. Where this form is encountered, it SHALL be substituted with an array containing that string and be processed as though that was what was encountered, as per the above form. + + Examples: + + "sshfp": [] + "sshfp": [2,1,"EjRWeJq83vZ4kBI0VniavN72eJA="] // conversion of example at RFC 4255 s. 3.1.2 + #### Administrative Constructs - "info": This optional item can be used to provide WHOIS-like information. From 00b32caead5320ec55f4ef971edc46930d1068d1 Mon Sep 17 00:00:00 2001 From: Hugo Landau Date: Wed, 16 Sep 2015 21:23:09 +0100 Subject: [PATCH 2/3] SSHFP --- ifa-0001.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/ifa-0001.md b/ifa-0001.md index 2b1e56e..2d99863 100644 --- a/ifa-0001.md 
+++ b/ifa-0001.md @@ -491,12 +491,10 @@ Except where otherwise specified, any item with a value of `null` SHALL be treat Any additional values in the array beyond the first four MUST be ignored. - - A string. Where this form is encountered, it SHALL be substituted with an array containing that string and be processed as though that was what was encountered, as per the above form. - Examples: "sshfp": [] - "sshfp": [2,1,"EjRWeJq83vZ4kBI0VniavN72eJA="] // conversion of example at RFC 4255 s. 3.1.2 + "sshfp": [[2,1,"EjRWeJq83vZ4kBI0VniavN72eJA="]] // conversion of example at RFC 4255 s. 3.1.2 #### Administrative Constructs From 1b0043a98fe8f4cf1a85ec92fdbe98d38b5886b3 Mon Sep 17 00:00:00 2001 From: Hugo Landau Date: Wed, 16 Sep 2015 21:23:57 +0100 Subject: [PATCH 3/3] SSHFP --- ifa-0001.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ifa-0001.md b/ifa-0001.md index 2d99863..f1880c1 100644 --- a/ifa-0001.md +++ b/ifa-0001.md @@ -489,7 +489,7 @@ Except where otherwise specified, any item with a value of `null` SHALL be treat The textual expression of this field in RFC 4255 uses hex encoding. Therefore this field must be converted to the correct form by decoding it and reencoding it using base64. - Any additional values in the array beyond the first four MUST be ignored. + Any additional values in the array beyond the first three MUST be ignored. Examples:
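
Review bot: the second bullet of the "loc" text in the @@ -460,7 +460,7 @@ hunk of patch 1/3 still reads "as though that was what as encountered", so the typo fix in this hunk should also change "what as" to "what was" on that unchanged line. The same sentence is worded correctly where it is copied into the new "sshfp" text in the next hunk, so fixing it here keeps the two items identical.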
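
Review bot: the record form added in the @@ -473,6 +473,31 @@ hunk of patch 1/3 contradicts itself: it requires "An array of at least three values" and defines exactly three, but then says values "beyond the first four MUST be ignored", which leaves a fourth value with no defined meaning. The second example, `"sshfp": [2,1,"EjRWeJq83vZ4kBI0VniavN72eJA="]`, is a bare record rather than an array of records, and the string form cannot yield a valid value because an array containing one string is not an array of three-value records. Suggest "beyond the first three", wrapping the example record in an outer array, dropping the string form, and writing "SHALL" in place of the lowercase "shall" in "This item shall map" and "Each such value shall represent".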
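
Review bot: with the string form removed in the @@ -491,12 +491,10 @@ hunk of patch 2/3, the unchanged introduction "The value for this item SHALL be one of the following forms:" now introduces a single form; reword it to state that form directly, for example "The value for this item SHALL be an array of zero or more items." The context line "beyond the first four MUST be ignored" is still inconsistent with "at least three values" at this point in the series, so consider folding the 3/3 change into this patch so that no intermediate revision carries it.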
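
Review bot: the rule changed in the @@ -489,7 +489,7 @@ hunk of patch 3/3 covers surplus values, but nothing in the "sshfp" text says what a consumer does with a malformed record: an inner array with fewer than three values, an integer that is not expressible in 8 bits, or a third value that is not valid base64. Because the item identifies SSH server key fingerprints, state explicitly whether such a record is ignored on its own or invalidates the whole "sshfp" item, so that implementations do not diverge on which fingerprints they publish. The context line above the change also uses lowercase "must" ("this field must be converted") where the surrounding text uses "MUST" and "SHALL".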