parental CDS/CDNSKEY
Tony Finch
dot at dotat.at
Wed Jul 26 11:18:38 UTC 2017
Is anyone working on a parent-side implementation of CDS/CDNSKEY?
The special validation requirements in RFC 7344 can't be done in the style
of the Python scripts (dnssec-checkds, shelling out to `dig`) so it needs
doing as a C DNSSEC tool.
For my scale, it would be enough to have a program that does a CDNSKEY
check for one domain, tho I expect a registr{ar,y} would need something
that can do the child DNSKEY+CDNSKEY+CDS lookups concurrently in bulk.
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/ - I xn--zr8h punycode
Thames, Dover, Wight: South 5 or 6, veering southwest 6 or 7. Slight or
moderate, becoming moderate or rough. Rain, fair later. Moderate or poor,
becoming good later.
More information about the bind-workers
mailing list