[prev in list] [next in list] [prev in thread] [next in thread]
List: openbsd-tech
Subject: Re: DANE in libressl?
From: Gilles CHEHADE <gilles () poolp ! org>
Date: 2021-08-29 20:04:55
Message-ID: 71949C9B-2106-4734-A453-2B4191C2123F () poolp ! org
[Download RAW message or body]
> On 29 Aug 2021, at 16:14, Peter J. Philipp <pjp@delphinusdns.org> wrote:
>
> On Sun, Aug 29, 2021 at 07:16:20AM -0600, Theo de Raadt wrote:
>> Is there a strong reason why this has to be in that specific library?
>
> Not really. I did see gnutls has dane functions and openssl has them too.
> I can stick to just rolling the needed functionality in the syslogd.
>
> Noone out there is doing this already right?
>
Hello,
I had started working on a standalone dane resolver based upon asr but I decided not to move it forward:
OpenSSL has an interface for DANE and !OpenBSD projects are more likely to implement that interface,
so I thought my plan of a standalone implementation would be inferior to a LibreSSL implementation that
could be picked by ports and a libtls interface that could be picked by base daemons.
I don't have much code but I can share if you're still interested.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic