some time ago, there were rumours about a new protocol for controlling DNS
servers from various vendors. I think that FreeIPA could benefit from such
protocol - in long term perspective.
Please, join the 'nsrpc' mailing list dedicated to the new protocol and
contribute to protocol design.
Note that 'security' is open of big open questions!
The proposal/first protocol design:
Thank you for your time!
-------- Original Message --------
Subject: Interoperable NS control protocol R2
Date: Wed, 7 Aug 2013 10:20:38 +0200
From: Marek Vavrusa
about a year ago, a couple of us (DNS vendors) sat at a table and talked about
how to make NS control interoperable. This resulted in a paper where we
described what do (and more importantly, what do we don't) want. Since then,
the idea is still sound, but also a lot of changes happened. Like the demand
for the ability of a NS to talk to each other, zone provisioning and a
possible (web?) front-end for this protocol. We also had some feedback from
other people in the industry, so I came up with several changes to accomodate
for recent changes and added a bit of futureproofing. With all this, I'd like
to raise the topic again and see if there's still any agreement and will to do
Here's a draft, but a very very open to discussion and clarification. The main
changes are shift to notation like JSON(-RPC), so we don't have to reinvent
the wheel, rambling about what is and isn't core and a couple thoughts about
confidentiality and security.
We also set up a mailinglist to joint the discussion
I'd really like to make this happen and deliver an actual code, as soon as we
reach some sort of agreement on this.
Marek Vavruša Knot DNS
CZ.NIC Labs http://www.knot-dns.cz
Americká 23, 120 00 Praha 2, Czech Republic
WWW: http://labs.nic.cz http://www.nic.cz
Freeipa-devel mailing list