On 25.9.2013 08:20, Christian Horn wrote:
On Tue, Sep 24, 2013 at 11:23:29AM -0600, Erinn Looney-Triggs wrote:
I wanted to bring up the idea of integrating TLSA records into FreeIPA
so that a host that is issued a certificate for say the web server (via
dogtag) would also publish that information in DNS using a TLSA record.
This is very much like how SSHFP records are handled now in FreeIPA.

Has this been considered at all?

Hm.. another nice idea would be to announce services via
zeroconf/bonjour.  I guess effectively its the same as having clients
search in DNS "who offers service XYZ" which we already do for ker-
beros, ldap etc.

Interesting idea. Do you know any real use cases? I have not seen Bonjour in real use except for network printers.

Please create RFE ticket (request for enhancement) to prevent it from falling through the cracks:
https://fedorahosted.org/freeipa/newticket

I would recommend you to add your e-mail address to Cc field in the ticket to get latest updates.

We can continue with discussion about use cases here and copy conclusions to the ticket later.

--
Petr^2 Spacek

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to