pub enum Protocol {
Reserved,
TLS,
Email,
DNSSec,
IPSec,
Other(u8),
All,
}
Expand description
RFC 2535, Domain Name System Security Extensions, March 1999
3.1.3 The Protocol Octet
It is anticipated that keys stored in DNS will be used in conjunction
with a variety of Internet protocols. It is intended that the
protocol octet and possibly some of the currently unused (must be
zero) bits in the KEY RR flags as specified in the future will be
used to indicate a key's validity for different protocols.
The following values of the Protocol Octet are reserved as indicated:
VALUE Protocol
0 -reserved
1 TLS
2 email
3 dnssec
4 IPSEC
5-254 - available for assignment by IANA
255 All
In more detail:
1 is reserved for use in connection with TLS.
2 is reserved for use in connection with email.
3 is used for DNS security. The protocol field SHOULD be set to
this value for zone keys and other keys used in DNS security.
Implementations that can determine that a key is a DNS
security key by the fact that flags label it a zone key or the
signatory flag field is non-zero are NOT REQUIRED to check the
protocol field.
4 is reserved to refer to the Oakley/IPSEC [RFC 2401] protocol
and indicates that this key is valid for use in conjunction
with that security standard. This key could be used in
connection with secured communication on behalf of an end
entity or user whose name is the owner name of the KEY RR if
the entity or user flag bits are set. The presence of a KEY
resource with this protocol value is an assertion that the
host speaks Oakley/IPSEC.
255 indicates that the key can be used in connection with any
protocol for which KEY RR protocol octet values have been
defined. The use of this value is discouraged and the use of
different keys for different protocols is encouraged.
RFC3445, Limiting the KEY Resource Record (RR), December 2002
All Protocol Octet values except DNSSEC (3) are eliminated
Variants
Reserved
👎 Deprecated:
Deprecated by RFC3445
Not in use
TLS
👎 Deprecated:
Deprecated by RFC3445
Reserved for use with TLS
Email
👎 Deprecated:
Deprecated by RFC3445
Reserved for use with email
DNSSec
Reserved for use with DNSSec (Trust-DNS only supports DNSKEY with DNSSec)
IPSec
👎 Deprecated:
Deprecated by RFC3445
Reserved to refer to the Oakley/IPSEC
Other(u8)
👎 Deprecated:
Deprecated by RFC3445
Undefined
All
👎 Deprecated:
Deprecated by RFC3445
the key can be used in connection with any protocol
Trait Implementations
Auto Trait Implementations
impl RefUnwindSafe for Protocol
impl UnwindSafe for Protocol
Blanket Implementations
Mutably borrows from an owned value. Read more