Secure Shell Fingerprintsdraft-ietf-secsh-dns-00.txt
Secure Shell (SSH) client can authenticate the identity of a remote server using a public key
- Once the key has been verified, it could be cached for further connections
- The problem is how to securely verify the key the first time
Only the key fingerprint is needed since the key is transferred in-band upon connection
The SSHFP RR carries the key algorithm, fingerprint algorithm and the fingerprint itself