Hello, Kerberos experts might be interested in this draft. I did not have time to go through this yet.
Discussion continues on dns...@ietf.org, please reply there. Petr^2 Spacek -------- Forwarded Message -------- Subject: [dnsext] New RRtype "KREALM" in draft-vanrein-dnstxt-krb1-02.txt Date: Thu, 03 Sep 2015 17:36:08 +0200 From: Rick van Rein <r...@openfortress.nl> To: dns...@ietf.org Hello, I am working on an I-D that allocates a new RRtype in DNS, named KREALM. This RR is meant to store Kerberos realm descriptions in DNS; this has hitherto been desired but impossible to do securely, but nowadays the broad acceptance of DNSSEC permits this facility. Please let me know if you have any feedback or questions! Cheers, Rick van Rein for ARPA2.net > A new version of I-D, draft-vanrein-dnstxt-krb1-02.txt > has been successfully submitted by Rick van Rein and posted to the > IETF repository. > > Name: draft-vanrein-dnstxt-krb1 > Revision: 02 > Title: Kerberos Realm Descriptors in DNS (KREALM) > Document date: 2015-09-03 > Group: Individual Submission > Pages: 15 > URL: > https://www.ietf.org/internet-drafts/draft-vanrein-dnstxt-krb1-02.txt > Status: https://datatracker.ietf.org/doc/draft-vanrein-dnstxt-krb1/ > Htmlized: https://tools.ietf.org/html/draft-vanrein-dnstxt-krb1-02 > Diff: https://www.ietf.org/rfcdiff?url2=draft-vanrein-dnstxt-krb1-02 > > Abstract: > This specification defines methods to determine Kerberos realm > descriptive information for services that are known by their DNS > name. Currently, finding such information is done through static > mappings or educated guessing. DNS can make this process more > dynamic, provided that DNSSEC is used to ensure authenticity of > resource records. > _______________________________________________ dnsext mailing list dns...@ietf.org https://www.ietf.org/mailman/listinfo/dnsext -- Petr^2 Spacek -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code