Peter Thomassen
Peter Thomassen
### Short description Implements [draft-ietf-dnsop-dnssec-bootstrapping](https://datatracker.ietf.org/doc/draft-ietf-dnsop-dnssec-bootstrapping/). We'd like to replace our LUA-based implementation at desec.io with this for about 50k zones. Protocol draft status: in IETF Last Call. -- Other implementations...
The replicator should identify domains that remain stale despite of AXFR attempts, and trigger an alert.
Currently, it's not possible to request one certificate for multiple domains which are not owned by the same deSEC acccount. To support this use case, we could check the credentials...
See https://github.com/desec-io/desec-stack/pull/754#issuecomment-1887977612
### Description Review email messages usually [begin with lines like](https://mailarchive.ietf.org/arch/msg/dnsop/nrB8kmm9BDa9-sUX2WzH0Nr9YM8/) ``` Reviewer: [...] Review result: [...] ``` Additionally, the draft identifier is mentioned in subject, but it is often difficult...