Wei Chuang <[email protected]> wrote Thu, 16 Mar 2017 10:09:44 -0700:
> spoofing the child zone. Is there still interest in this? From the list > archives, I can't see what the issues were though I'm guessing one of them > was respecifying the DS resource record to use a SCT which might have > caused compatibility concerns. (But please correct me if I'm wrong) Other > than that, the draft seems pretty reasonable. Were there other concerns? I'm still interested in logging things DNSSEC. The test log set up at the IETF Berlin hackathon [0] is still running [1]. We lack a client for submission. Protocol deviations from draft-zhang-trans-ct-dnssec-03 are summarized in [2]. [0] https://lists.sunet.se/pipermail/dnssec-transparency/2016-July/000049.html [1] curl -A "" -x socks4a://127.0.0.1:9050/ -s http://teowuafdvio2mip5.onion/dt/v1/get-sth | json_pp --8<---------------cut here---------------start------------->8--- { "tree_head_signature" : "BAMARjBEAiA48+vqfg2O3ZbVYvlMxof2dzLwJ09gPtdY3FGtq1LbaAIgXWD4qfCOh38JzCz52E1B1cdkI+8+gHitA1DNMC4Zl2g=", "timestamp" : 1489739801931, "tree_size" : 1, "sha256_root_hash" : "OQFz17e1piHRfRRsAG3QkweRuq/jyrjViq+vZbkyY+I=" } --8<---------------cut here---------------end--------------->8--- [2] https://git.nordu.net/?p=user/linus/catlfish.git;a=blob_plain;f=README-dnssec.md;hb=refs/heads/dnssec2 _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
