I wanted to bring up the idea of integrating TLSA records into FreeIPA
so that a host that is issued a certificate for say the web server (via
dogtag) would also publish that information in DNS using a TLSA record.
This is very much like how SSHFP records are handled now in FreeIPA.

Has this been considered at all?

I am more than happy to write up some more info about this, I just
wanted to get a preliminary idea of whether this had been considered at
all...

-Erinn



Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to