dnssec-signzone SMIMEA/TYPE65280 RR
each at isc.org
Fri Oct 31 17:46:08 UTC 2014
On Tue, Oct 28, 2014 at 04:48:20AM +1100, shmick at riseup.net wrote:
> i couldn't sign a zone with the draft SMIMEA RR from debian jessie based OS
It's not yet been implemented in BIND.
I expect we will, but not until it's at least been allocated a type code
and most likely not until it's published as an RFC.
> also when i tried TYPE65280 for OPENPGPKEY RRs i got:
This one does have a type code but AFAIK the specification is still in
Unknown types can always be represented in BIND, though. You could enter
your key as a TYPE61 record, but you'll need to encode it in hexidecimal
(not base64), e.g.:
<hash>._openpgpkey.example.com. IN TYPE61 \# 128 FA302B31....
This is cumbersome, but it's the sort of thing a script can do. (If you
happen to write such a script, it'd be swell if you posted it here...)
Evan Hunt -- each at isc.org
Internet Systems Consortium, Inc.
More information about the bind-users