On 24.9.2013 19:23, Erinn Looney-Triggs wrote:
I wanted to bring up the idea of integrating TLSA records into FreeIPA
so that a host that is issued a certificate for say the web server (via
dogtag) would also publish that information in DNS using a TLSA record.
This is very much like how SSHFP records are handled now in FreeIPA.

Has this been considered at all?

I am more than happy to write up some more info about this, I just
wanted to get a preliminary idea of whether this had been considered at

You definitely have my +1!

I'm working on DNSSEC support in FreeIPA, but we didn't went so far in our plans :-)

Please create RFE ticket (request for enhancement):

You will need an Fedora Account, please follow this:

I would recommend you to add your e-mail address to Cc field in the ticket to get latest updates.

We can continue with discussion here, of course!

Petr^2 Spacek

Freeipa-users mailing list

Reply via email to