Pieter, On Sep 26, 2012, at 5:12 PM, Pieter Lexis wrote:
> Looks good to me. Appendix A.4 of RFC 6698[0] describes the way to do it > (it is similar to DNSSEC key-rollover). I would recommend reading > Appendix A in full to understand the implication of certain choices of > matching type and selector. Appendix A is great... but I'm looking to create something that is *extremely* simple and easy. I think it really needs to be tool-based so that people just have to run some scripts. > As for tooling, I wrote a (proof of concept) tool called 'swede'[2] in > January of this year (and updated it when needed). It has been used to > create the Examples (Appendix C) in RFC 6698. The code is a bit messy, > but it works. I'm currently re-implementing it in a more maintainable > fashion (hopefully finished within a few weeks, but you never know). Very cool! I'm now watching your repo at: > 2 - https://github.com/pieterlexis/swede and will check out the code and try it out. I also noticed recently that you added TLSA support into dnspython although it wasn't immediately clear to me how to use that support. (dnspython could use some examples related to dnssec in general... at some point I may go and write some if no else does that first.) Thanks for the suggestions and the link to swede. Dan -- Dan York [email protected] http://www.danyork.me/ skype:danyork Phone: +1-802-735-1624 Twitter - http://twitter.com/danyork
_______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
