[DNSSEC-Transparency] Test data wanted

Paul Wouters paul at nohats.ca
Mon Feb 8 21:50:54 CET 2016


Will give you some but will have to build binary format from presentation format using ldns or something. I'll try some airport hacking tomorrow on my way from Prague to Amsterdam 

Sent from my iPhone

> On Feb 8, 2016, at 17:05, Linus Nordberg <linus at nordu.net> wrote:
> 
> Hi,
> 
> I'm ready to start testing some code. In order to save some time, I'm
> asking the list for test data.
> 
> I suggest that we define "Inputs" for our newly invented "add-ds-rr"
> HTTP entry-point (similar to RFC6962 section 4.1) like this:
> 
>  chain: An array of base64-encoded RRsets in DNS wire format. The first
>  element is a single DS RR to be added to the log. The next element is
>  an RRSIG RR for the DS RR. After that follows all the RRsets necessary
>  to validate the DS RR up to a known root. The RR types allowed are
>  DNSKEY, RRSIG and DS.
> 
> Now please tell me where this will fail. :)
> 
> Or provide me with a chain like described above for a DS record of your
> choice that's valid using the DNSSEC root as a known root.
> 
> Thanks,
> Linus
> 
> _______________________________________________
> DNSSEC-Transparency mailing list
> DNSSEC-Transparency at lists.sunet.se
> https://lists.sunet.se/listinfo/dnssec-transparency


More information about the DNSSEC-Transparency mailing list