Re: [dane] Anyone interested in writing a DANE tutorial?

Dan York <dan-ietf@danyork.org> Fri, 28 September 2012 18:19 UTC

Return-Path: <dan-ietf@danyork.org>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 446CB21F84EB for <dane@ietfa.amsl.com>; Fri, 28 Sep 2012 11:19:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.998
X-Spam-Level:
X-Spam-Status: No, score=-2.998 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, J_CHICKENPOX_57=0.6, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rzAYVCKMP+tw for <dane@ietfa.amsl.com>; Fri, 28 Sep 2012 11:19:58 -0700 (PDT)
Received: from mail-qa0-f44.google.com (mail-qa0-f44.google.com [209.85.216.44]) by ietfa.amsl.com (Postfix) with ESMTP id 601F321F84E7 for <dane@ietf.org>; Fri, 28 Sep 2012 11:19:58 -0700 (PDT)
Received: by mail-qa0-f44.google.com with SMTP id b10so115943qad.10 for <dane@ietf.org>; Fri, 28 Sep 2012 11:19:58 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=subject:mime-version:content-type:from:in-reply-to:date:cc :message-id:references:to:x-mailer:x-gm-message-state; bh=NXsyYlquBJ6/f1Ecgzkvc5lADn2kkthLMEEB0pLbjII=; b=G/O19QSpgZizARtXhDVWOtQLvg1wFJh/Ou7mjtUZNocfPORvyceUyQWJuhTjL7GDiu aZkifP+xJZVkJDZlY6pg/FYdioaLjICfOkNolxRA3sduKZKNkreYFAQipFPuWfBLZ7FV +PC++LgfAcrmzIDQdr80TdUiIBDj1QgHZV5c1S5KNkSLJjJZIrfNC1ab/9LGMklKcEbK nClHIxVOorCMsCwZV4dAEMpLfSjiZbRo9AZWdR1S+UG9ClN9g01JF5huNLUjCjK69tlz cu3JbWRCy2JUVPZdpCDNokfOTTFfIaQE3zVlqq3VzK36ESVne8aVzBSe43v911m2knkZ jvig==
Received: by 10.224.42.138 with SMTP id s10mr18810816qae.21.1348856397804; Fri, 28 Sep 2012 11:19:57 -0700 (PDT)
Received: from ?IPv6:2001:470:1f07:309:e835:9054:6823:b7da? ([2001:470:1f07:309:e835:9054:6823:b7da]) by mx.google.com with ESMTPS id dp3sm13436963qab.21.2012.09.28.11.19.56 (version=TLSv1/SSLv3 cipher=OTHER); Fri, 28 Sep 2012 11:19:57 -0700 (PDT)
Mime-Version: 1.0 (Apple Message framework v1257)
Content-Type: multipart/alternative; boundary="Apple-Mail=_B48A60BE-EA57-4ABB-BF2E-5B825167A8C9"
From: Dan York <dan-ietf@danyork.org>
In-Reply-To: <alpine.LFD.2.02.1209261809490.9988@bofh.nohats.ca>
Date: Fri, 28 Sep 2012 14:19:55 -0400
Message-Id: <56D9F1D8-7D81-485B-B113-11E32C89605F@danyork.org>
References: <699F0F4D-3E06-44F5-88A4-40C1FC569E98@danyork.org> <alpine.LFD.2.02.1209261809490.9988@bofh.nohats.ca>
To: Paul Wouters <paul@cypherpunks.ca>
X-Mailer: Apple Mail (2.1257)
X-Gm-Message-State: ALoCoQlh203PKGrQu7wzsidQFTAq+YQOSCLgwbqQ7U2JRG4K4qS6k25wYeo7bFpzp7HOLg7gJFLf
Cc: IETF DANE WG list <dane@ietf.org>
Subject: Re: [dane] Anyone interested in writing a DANE tutorial?
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dane>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Sep 2012 18:19:59 -0000

Paul,

On Sep 26, 2012, at 6:15 PM, Paul Wouters wrote:

> On Wed, 26 Sep 2012, Dan York wrote:
> 
>> To this last point about getting more TLSA records published, would anyone be interested in writing a step-by-step tutorial for how
>> to publish a TLSA record?  Or collaborating on writing one?
> 
> My slidedeck from Linux Security Summit 2012 had that information.
> I'll also be presenting about this at SecTor and ICANN.

Nice presentation!   For others interested the link is at http://kernsec.org/files/LinuxCon2012-DNSSEC.pdf

There certainly are pieces in there that can be pulled out for a tutorial.

>> Even if someone could sketch out the basic outline of the commands one would use for the steps above, I'd be glad to write some
>> text narrative explaining the commands.
> 
> yum | apt-get install hash-slinger (from http://people.redhat.com/pwouters/hash-slinger )


Looks like a very nice tool.  Before I go trying to see if I can get it to work on Mac OS X, are you aware of anyone else doing so?   (I have an interest in demo-ing a tool like this at conferences and events - and my laptop is a Mac.)

Thanks for the info and link,
Dan

-- 
Dan York  dyork@lodestar2.com
http://www.danyork.me/   skype:danyork
Phone: +1-802-735-1624
Twitter - http://twitter.com/danyork