BIND 10 #2124: RFC 6594 for SSHFP
BIND 10 Development
do-not-reply at isc.org
Wed Jul 11 11:54:31 UTC 2012
#2124: RFC 6594 for SSHFP
-------------------------------------+-------------------------------------
Reporter: vorner | Owner:
Type: defect | UnAssigned
Priority: medium | Status: new
Component: libdns++ | Milestone: Next-
Sensitive: 0 | Sprint-Proposed
Sub-Project: DNS | Keywords:
Estimated Difficulty: 0 | Defect Severity: N/A
Total Hours: 0 | Feature Depending on Ticket:
| Add Hours to Ticket: 0
| Internal?: 0
-------------------------------------+-------------------------------------
The mentioned RFC defines new algorithms and key types for SSHFP. Our
SSHFP reject these as out-of-range (which is annoying to me, as I happen
to have the ECDSA public keys with few of my hosts). The solution for us
is simple ‒ relax the checks, there's no special handling based on the
algorithm or key type.
Anyway, as there may be more key types in the future, should we have the
checks at all?
As it is simple and annoying, I put it to next-sprint-proposed.
--
Ticket URL: <http://bind10.isc.org/ticket/2124>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development
More information about the bind10-tickets
mailing list