On 12 October 2012 21:24, Nikos Mavrogiannopoulos <[email protected]> wrote: > On 10/12/2012 07:07 PM, Paul Wouters wrote: > >> On Fri, 12 Oct 2012, Nikos Mavrogiannopoulos wrote: >> >>> The 3 first bytes of the TLSA entry are also above. The issue is in the >>> "Selector" field which has 1 instead of zero. >>> >>> I contacted the forfun.net admin who said that he just used the dane.py >>> script. Is this known or am I missing something? >> >> The dane.py script was an old script based on an earlier draft, and the >> usage had different meanings then. They should use a more modern tool >> to generate TLSA records. The hash-slinger tlsa command, swede or >> ldns-dane (coming in the next version of ldns) are known to be good. > > > I've also added a tool to generate dane TLSA entries in the latest gnutls.
Hmm, good point, I should add that to OpenSSL. > > regards, > Nikos > > _______________________________________________ > dane mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dane _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
