On Tue, Apr 16, 2013 at 08:21:18AM +0200, Sandoche Balakrichenan wrote:

> > Is the document a paper for academic publication or a How-To guide
> > for system administrators?  It seems to be a strange mixture of
> > the two.
>
> ==> More as a How-To guide?

And yet it is written in the style of an academic paper.

If it is a How-To, it needs to be HTML not PDF, with links at the
top to each section and links to references in-line, not in a
references section at the end.  A How-To guide is rarely read in
full.

Since this How-To guide is not for implementors of client-side
browser implementations, it does not need to discuss the features
or tests of such a client.

The not generally pre-installed SWEDE tool is not needed to compute
the certificate and public-key digests, for example with OpenSSL:

  # Certificate digest with OpenSSL:
  $ openssl x509 -in /tmp/cert.pem -outform DER |
      openssl dgst -sha256 |
      awk -v L=www.example.com '{printf "%s. IN TLSA 3 0 1 %s\n", L, $NF}'

  # Public key digest with OpenSSL 1.0.x with all certificate types.
  $ openssl x509 -in cert.pem -noout -pubkey |
      openssl pkey -pubin -outform DER |
      openssl dgst -sha256 |
      awk -v L=www.example.com '{printf "%s. IN TLSA 3 1 1 %s\n", L, $NF}'

  # Public key digest with OpenSSL 0.9.8 with RSA certificates.
  $ openssl x509 -in cert.pem -noout -pubkey |
      openssl rsa -pubin -outform DER |
      openssl dgst -sha256 |
      awk -v L=www.example.com '{printf "%s. IN TLSA 3 1 1 %s\n", L, $NF}'

The guide needs to be more concise with sections clearly focused on the
limited attention of a How-To reader.

-- 
        Viktor.
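
The two digests the OpenSSL pipelines above compute, as an added Python example using only the standard library (not part of the original message): selector 0 hashes the whole DER certificate and selector 1 only the SubjectPublicKeyInfo, so a certificate reissued with the same key keeps its 3 1 1 record. The function names, the constructed certificate skeleton, and the port 443/tcp default for the RFC 6698 `_port._proto` owner prefix are assumptions of this example.

```python
import hashlib

def tlv(buf, pos):
    """Parse one DER element at pos; return (tag, value_start, end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: low 7 bits count the length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, pos, pos + length

def spki(cert_der):
    """Return the DER SubjectPublicKeyInfo, the input hashed for selector 1."""
    _, pos, _ = tlv(cert_der, 0)           # Certificate SEQUENCE
    _, pos, _ = tlv(cert_der, pos)         # TBSCertificate SEQUENCE
    tag, _, end = tlv(cert_der, pos)
    if tag == 0xA0:                        # optional [0] EXPLICIT version
        pos = end
    for _ in range(5):                     # serial, sig alg, issuer, validity, subject
        pos = tlv(cert_der, pos)[2]
    tag, _, end = tlv(cert_der, pos)
    if tag != 0x30:
        raise ValueError("SubjectPublicKeyInfo not found")
    return cert_der[pos:end]

def tlsa(host, cert_der, selector, mtype=1, port=443, proto="tcp", usage=3):
    """Format a TLSA record; selector 0 hashes the whole certificate, 1 the SPKI."""
    data = spki(cert_der) if selector == 1 else cert_der
    digest = {1: hashlib.sha256, 2: hashlib.sha512}[mtype](data).hexdigest()
    return f"_{port}._{proto}.{host}. IN TLSA {usage} {selector} {mtype} {digest}"

def der(tag, *parts):
    """Encode one DER element; used only to build the constructed sample below."""
    body = b"".join(parts)
    n = len(body)
    return bytes([tag]) + (bytes([n]) if n < 128 else bytes([0x81, n])) + body

def sample_cert(serial):
    """Constructed certificate skeleton (dummy key bits, no real signature)."""
    key = der(0x30, der(0x30, der(0x06, b"\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01"), der(0x05)),
              der(0x03, b"\x00" + bytes(range(128))))
    tbs = der(0x30, der(0xA0, der(0x02, b"\x02")), der(0x02, bytes([serial])),
              der(0x30), der(0x30), der(0x30), der(0x30), key)
    return der(0x30, tbs, der(0x30), der(0x03, b"\x00"))

if __name__ == "__main__":
    for serial in (1, 2):                  # same key, "renewed" certificate
        print(tlsa("www.example.com", sample_cert(serial), 0))
        print(tlsa("www.example.com", sample_cert(serial), 1))
```

For a real certificate, pass `ssl.PEM_cert_to_DER_cert(open("cert.pem").read())` as `cert_der`.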