ocaml-dns icon indicating copy to clipboard operation
ocaml-dns copied to clipboard

Published 20 hours ago verified publisher icon mirage

server: DNSSec support

Open hannesm opened this issue 3 years ago • 2 comments

with online and offline keys -- allow dynamic updates if a key is present and sign the zone. also support nsec and nsec3 (here we'll need nsec3param RR as well).

hannesm avatar Mar 10 '22 14:03 hannesm

Is anyone working on this at the moment? I may have some time to help

MagnusS avatar Jan 05 '24 12:01 MagnusS

Dear @MagnusS, nice to hear from you. As far as I know, there's nobody actively working on DNSsec support for the authoritative servers.

It may be useful to first discuss the goals (i.e. online or offline keys - when the sign operation should take place) and which path to take (nsec or nsec3, and the newer compression mechanisms proposed by big DNS providers).

hannesm avatar Jan 05 '24 13:01 hannesm