Paul

On Sep 28, 2012, at 1:55 PM, Paul Wouters wrote:

> [paul@bofh ~]$ python
> Python 2.7.3 (default, Jul 24 2012, 10:05:38) [GCC 4.7.0 20120507 (Red Hat 
> 4.7.0-5)] on linux2
> Type "help", "copyright", "credits" or "license" for more information.
> >>> import dns.resolver
> >>> answers = dns.resolver.query('_443.import dns.resolver', 'TLSA')

Excellent!  Worked beautifully with:

   import dns.resolver

   # TLSA owner name is _<port>._<protocol>.<host>
   answers = dns.resolver.query('_443._tcp.www.torproject.org', 'TLSA')
   for rdata in answers:
       print(rdata)

I can see the TLSA record. 

So now I have the record... assuming I used dnspython as part of a larger 
application I would now be able to compare the record to the TLS certificate I 
get from a website.  Any code in here to help with the comparison?  Or is that 
something I would need to do in my code?  (i.e. write a function to do a hash 
on the TLS certificate and compare that to the TLSA record)

> Hope this helps,

It does.

> Note that Pieter's TLSA patch in dnspython has been pushed into Fedora/RHEL a
> few days ago. It's available in updates-testing and should be available
> as a released update in a week or so.

Great!

Thanks,
Dan

-- 
Dan York  [email protected]
http://www.danyork.me/   skype:danyork
Phone: +1-802-735-1624
Twitter - http://twitter.com/danyork



_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
