On Tue, Sep 24, 2013 at 11:23:29AM -0600, Erinn Looney-Triggs wrote:
> I wanted to bring up the idea of integrating TLSA records into FreeIPA
> so that a host that is issued a certificate for say the web server (via
> dogtag) would also publish that information in DNS using a TLSA record.
> This is very much like how SSHFP records are handled now in FreeIPA.
> Has this been considered at all?
Hm.. another nice idea would be to announce services via
zeroconf/bonjour. I guess effectively its the same as having clients
search in DNS "who offers service XYZ" which we already do for ker-
beros, ldap etc.
Freeipa-users mailing list