Hi Q, It is great to see that you have a reference implementation for this draft. It would be helpful for you to add a “related-implementations” tag to https://datatracker.ietf.org/doc/draft-misell-acme-onion/ that points to the code in GitHub.
See https://mailarchive.ietf.org/arch/msg/hackathon/qT7hpFelPyk3aS1k9H0QzGAjdp8/ for additional details on this mechanism. Cheers, Charles On Apr 24, 2023, at 8:46 PM, Q Misell <[email protected]> wrote: Hi again Seo, I've published my fork of Tor with support for publishing CAA records: https://github.com/as207960/tor. There's also now a hidden service at znkiu4wogurrktkqqid2efdg4nvztm7d2jydqenrzeclfgv3byevnbid.onion<http://znkiu4wogurrktkqqid2efdg4nvztm7d2jydqenrzeclfgv3byevnbid.onion/> with CAA records in its hidden service descriptor. Thanks, Q ________________________________ Any statements contained in this email are personal to the author and are not necessarily the statements of the company unless specifically stated. AS207960 Cyfyngedig, having a registered office at 13 Pen-y-lan Terrace, Caerdydd, Cymru, CF23 9EU, trading as Glauca Digital, is a company registered in Wales under № 12417574<https://find-and-update.company-information.service.gov.uk/company/12417574>. ICO register №: ZA782876<https://ico.org.uk/ESDWebPages/Entry/ZA782876>. UK VAT №: GB378323867. EU VAT №: EU372013983. Turkish VAT №: 0861333524. South Korean VAT №: 522-80-03080. Glauca Digital and the Glauca logo are registered trademarks in the UK, under № UK00003718474 and № UK00003718468, respectively. On Sun, 23 Apr 2023 at 22:12, Q Misell <[email protected]<mailto:[email protected]>> wrote: Hi Seo, Thanks for the feedback. I copy pasted the list of logs into my code from https://github.com/google/certificate-transparency-community-site/blob/master/docs/google/known-logs.md, it would probably be a good idea to delete the old logs. The SERVFAIL response is non very clear, agreed. I'll improve my error handling there. In my testing, adding new records to the first layer descriptor doesn't bother the current Tor project tor implementation (seemingly the only one anyone ever uses). I'm still working on patching the tor router to add support for defining CAA but I'll definitely put up a few test services with different configurations once that's done. Thanks, Q ________________________________ Any statements contained in this email are personal to the author and are not necessarily the statements of the company unless specifically stated. AS207960 Cyfyngedig, having a registered office at 13 Pen-y-lan Terrace, Caerdydd, Cymru, CF23 9EU, trading as Glauca Digital, is a company registered in Wales under № 12417574<https://find-and-update.company-information.service.gov.uk/company/12417574>. ICO register №: ZA782876<https://ico.org.uk/ESDWebPages/Entry/ZA782876>. UK VAT №: GB378323867. EU VAT №: EU372013983. Turkish VAT №: 0861333524. South Korean VAT №: 522-80-03080. Glauca Digital and the Glauca logo are registered trademarks in the UK, under № UK00003718474 and № UK00003718468, respectively. On Sun, 23 Apr 2023 at 14:27, Seo Suchan <[email protected]<mailto:[email protected]>> wrote: google's solera 2018~2022 are no longer accept new record. solera ct log is sharded by notafter day of incoming certificates, so only log able to use currently be 2023 (assume 90 day certificate) when I ran you client for onion-csr without having hosted onion hidden service, server returned caa servfail, not sure this is right response for such (not yet hosted) domain: NXdomain or dedicated error code looks better. not sure how one can add a format in first layer like in 5.3 without breaking old tor client implementations. could make a hidden service with caa-critical online? P.S didn't notice you already posted v 02 of this draft. 2023-04-21 오전 7:04에 Q Misell 이(가) 쓴 글: > Hi all, > > Thanks for all your feedback over my draft. I've incorporated your > comments into a new draft, and published this. > > I've also finished my reference implementation of the draft, more > details available at https://acmeforonions.org<https://acmeforonions.org/>. > I'd be delighted if > you'd try it out and let me know what you think. > > Thanks, > Q > > _______________________________________________ > Acme mailing list > [email protected]<mailto:[email protected]> > https://www.ietf.org/mailman/listinfo/acme _______________________________________________ Acme mailing list [email protected]<mailto:[email protected]> https://www.ietf.org/mailman/listinfo/acme _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
