On 10/12/2012 07:07 PM, Paul Wouters wrote: > On Fri, 12 Oct 2012, Nikos Mavrogiannopoulos wrote: > >> The 3 first bytes of the TLSA entry are also above. The issue is in the >> "Selector" field which has 1 instead of zero. >> >> I contacted the forfun.net admin who said that he just used the dane.py >> script. Is this known or am I missing something? > > The dane.py script was an old script based on an earlier draft, and the > usage had different meanings then. They should use a more modern tool > to generate TLSA records. The hash-slinger tlsa command, swede or > ldns-dane (coming in the next version of ldns) are known to be good.
I've also added a tool to generate dane TLSA entries in the latest gnutls. regards, Nikos _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
