BIND 10 #2124: RFC 6594 for SSHFP

BIND 10 Development do-not-reply at isc.org
Tue Jul 24 05:37:06 UTC 2012 

#2124: RFC 6594 for SSHFP
-------------------------------------+-------------------------------------
                   Reporter:         |                 Owner:  jinmei
  vorner                             |                Status:  reviewing
                       Type:         |             Milestone:
  defect                             |  Sprint-20120731
                   Priority:         |            Resolution:
  medium                             |             Sensitive:  0
                  Component:         |           Sub-Project:  DNS
  libdns++                           |  Estimated Difficulty:  2
                   Keywords:         |           Total Hours:  0
            Defect Severity:  N/A    |
Feature Depending on Ticket:         |
        Add Hours to Ticket:  0      |
                  Internal?:  0      |
-------------------------------------+-------------------------------------
Changes (by muks):

 * owner:  muks => jinmei


Comment:

 Replying to [comment:14 jinmei]:
 > I don't think we should reject 0 for algorithm and type.  The RFC
 > doesn't require it, and BIND 9 (which we generally try to be
 > compatible with if there's specific reason not to do so) doesn't
 > reject them.

 The RFC marked it as reserved (and given 1-255 available for use), I
 didn't think it would get used. I have relaxed the check now to allow 0
 also.

 >
 > > > - I'd add tests for the "from wire" cases (against some uncommon
 > > >   algorithms/types)
 > >
 > > Done. :)
 >
 > Probably beyond the scope of this task, but now that you've deleted
 > "TBD": we still need some more tests, e.g., short data.

 A short fingerprint data test has been added.

 > Also, you don't necessarily have to explicitly specify parameters of
 > test data if you simply use the default values.  From a quick look you
 > can omit many of them.

 Updated.

 >
 > > > - We need a changelog for this fix.
 > >
 > > How does this look:
 > > {{{
 > > +XXX.   [bug]           muks
 > > +       SSHFP's algorithm and fingerprint type checks have been
 relaxed
 > > +       such that they will accept any values in [1,255]. This is so
 that
 > > +       future algorithm and fingerprint types are accomodated.
 > > +       (Trac #2124, git ...)
 > > +
 > > }}}
 >
 > Looks okay, except that it would need to be adjusted if we allow
 > values of 0.

 Nod. I'll be modified when it's committed.

-- 
Ticket URL: <http://bind10.isc.org/ticket/2124#comment:16>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development

More information about the bind10-tickets mailing list