Re: [dnsext] Capture signature chain?
Donald Eastlake <d3e3e3@gmail.com> Mon, 19 March 2012 16:29 UTC
Return-Path: <dnsext-bounces@ietf.org>
X-Original-To: namedroppers-archive-gleetwall6@lists.ietf.org
Delivered-To: ietfarch-namedroppers-archive-gleetwall6@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6A83D21F881D; Mon, 19 Mar 2012 09:29:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1332174555; bh=kIFf/9GvVZPxpuBQDSuctxQtLHP1v8n6uge36jxjqaM=; h=MIME-Version:In-Reply-To:References:From:Date:Message-ID:To: Subject:List-Id:List-Unsubscribe:List-Archive:List-Post:List-Help: List-Subscribe:Content-Type:Content-Transfer-Encoding:Sender; b=DQclzz2alYttMLvptOLBuFF8WFdiP95qmLm1MqDenwGXAlWcmWNCwI3z3ErkV/flI Q9d5AuyIP3PQ0iSuAVA5GJwpCA+e3OqxjijBYMuFN9RGEBhyKxU1bglb+Tm1EWCbS0 uTeJ5i5qP6PyoSMsoIwaFb6N0XiSNOFjbjpq4SNk=
X-Original-To: dnsext@ietfa.amsl.com
Delivered-To: dnsext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0183321F881D for <dnsext@ietfa.amsl.com>; Mon, 19 Mar 2012 09:29:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -104.398
X-Spam-Level:
X-Spam-Status: No, score=-104.398 tagged_above=-999 required=5 tests=[AWL=-0.799, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id R30jx7JOaSIh for <dnsext@ietfa.amsl.com>; Mon, 19 Mar 2012 09:29:13 -0700 (PDT)
Received: from mail-lpp01m010-f44.google.com (mail-lpp01m010-f44.google.com [209.85.215.44]) by ietfa.amsl.com (Postfix) with ESMTP id 0FEB121F874C for <dnsext@ietf.org>; Mon, 19 Mar 2012 09:29:12 -0700 (PDT)
Received: by lagj5 with SMTP id j5so5750044lag.31 for <dnsext@ietf.org>; Mon, 19 Mar 2012 09:29:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :content-type:content-transfer-encoding; bh=w/Pm2e1XYxZUnFfTVRSl8St3zjCwEQDidy1TQiwRNpc=; b=RnpdGdUmRl9uzYH9tKZVQtlUuatlyiaHjKupEG2lAmxFTjHO65s81ztdBrrwS40SAp pJyd/A8klTa6p6j409IhlR7Zuo4dmJbBfPlQPJLnhNfRNCx22ozs63qoK+hPJXMCOWHq gfdjFqJFllIvnyt6/qWcAbUxrJgITSHw3CQcYxXIV7x5sdVMnriOXXgVmJdPUE7bdu4j RmJhGC/sVJBkGiylhs99zkVY+b6xHVHUt0lSGzmUZhS+7lBIvz9ruznynBOB0T8BqfPG tQbvFuEaFNv8edUVgzvaTmAMAoF+eaeVmygUdY3gim9sY52RmRWADaOzqwD/ON/INRee /dxw==
Received: by 10.112.41.169 with SMTP id g9mr3841951lbl.59.1332174551985; Mon, 19 Mar 2012 09:29:11 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.152.128.40 with HTTP; Mon, 19 Mar 2012 09:28:51 -0700 (PDT)
In-Reply-To: <alpine.LSU.2.00.1203191609170.3931@hermes-2.csi.cam.ac.uk>
References: <B2EC7390-13B1-4EFE-BABB-5228004418A4@icsi.berkeley.edu> <alpine.LSU.2.00.1203191609170.3931@hermes-2.csi.cam.ac.uk>
From: Donald Eastlake <d3e3e3@gmail.com>
Date: Mon, 19 Mar 2012 12:28:51 -0400
Message-ID: <CAF4+nEGT9ELkiweYW2nwTwUT4=xL0F5H2XUALdNkm6hmZpxi2g@mail.gmail.com>
To: dnsext List <dnsext@ietf.org>
Subject: Re: [dnsext] Capture signature chain?
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Sender: dnsext-bounces@ietf.org
Errors-To: dnsext-bounces@ietf.org
There is always RFC 2540. Thanks, Donald ============================= Donald E. Eastlake 3rd +1-508-333-2270 (cell) 155 Beaver Street, Milford, MA 01757 USA d3e3e3@gmail.com On Mon, Mar 19, 2012 at 12:11 PM, Tony Finch <dot@dotat.at> wrote: > Nicholas Weaver <nweaver@icsi.berkeley.edu> wrote: > >> Is there currently a standard wire/storage format for capturing the >> entire DNSSEC signature chain required for validation in a single >> transaction? > > No. I would recommend just listing all the relevant RRsets in DNS wire > format. There is also > http://tools.ietf.org/html/draft-agl-dane-serializechain-01 > which tries to omit unnecessary data. > > Tony. > -- > f.anthony.n.finch <dot@dotat.at> http://dotat.at/ > Northwest FitzRoy, Sole: Mainly southwesterly 4 or 5, increasing 6 at times in > west. Moderate or rough. Fair. Good. > _______________________________________________ > dnsext mailing list > dnsext@ietf.org > https://www.ietf.org/mailman/listinfo/dnsext _______________________________________________ dnsext mailing list dnsext@ietf.org https://www.ietf.org/mailman/listinfo/dnsext
- [dnsext] Capture signature chain? Nicholas Weaver
- Re: [dnsext] Capture signature chain? Tony Finch
- Re: [dnsext] Capture signature chain? Donald Eastlake
- Re: [dnsext] Capture signature chain? =JeffH