Andy Polyakov has committed initial support for DANE in OpenSSL
- please see http://rt.openssl.org/Ticket/Display.html?id=3003 for
more information.
Note, this "initial support", does not yet perform any verification
based on TLSA records, it just adds a convenience TLSA RR lookup
function that is conditional on libunbound.
Oops! Git noob mistake.
http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e815d72b1f489c2c38adf3eee87c02e1c5dd8f3c
There is still a bunch of work before this is usable.
Yes, please get involved.
This will by the way fail to compile if one defines OPENSSL_NO_LIBUNBOUND
$ unifdef -DOPENSSL_NO_LIBUNBOUND ssl/dnssec.c | head -20
http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddf918673d2d163fc0a6a6c9774b05dd1efb9857
_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
