On Sun, Aug 29, 2021 at 07:16:20AM -0600, Theo de Raadt wrote: > Is there a strong reason why this has to be in that specific library?
Not really. I did see gnutls has dane functions and openssl has them too. I can stick to just rolling the needed functionality in the syslogd. Noone out there is doing this already right? Best Regards, -peter > Peter J. Philipp <[email protected]> wrote: > > > Hi, > > > > I was wondering if anyone has wanted to implement DANE functions into > > OpenBSD? > > And LibreSSL perhaps? I want this for syslogd with TLS, but not sure if I'd > > be on someones toes here, if I start implementing... > > > > With unwind we can make use of things such as DANE due to validation of > > DNSSEC. > > > > Best Regards, > > -peter > >
