On Mon, Oct 20, 2014 at 04:52:21PM +0000, Dan York wrote:

> Personally, I think it would be great if every "DANE-like" usage
> would just use the TLSA record... then we have to only fight that
> battle once to get it added into configuration/management GUIs.
> But if we are to create other TLSA-like records to have different
> names, let's at least please keep them the same so that we can get
> them all more easily deployed.

I empathise with the sentiment, but there's a bit more to a friendly
DANE record UI than the RDATA format.

For TLSA, the UI would have an entry box for the port number, and
radio buttons for the protocol (tcp/udp/...).

For SMIMEA there would be a text field for the address localpart,
which is used to enter the address.  If (as is almost always the case)
the DNS zone is mastered from some sort of underlying database,
one might even want to store the address (for friendlier search,
...) while using its sha224 hash in the SMIME label.

So there may be *some* code re-use, but doing it right will likely
require custom code for any additional record types with a TLSA-like
RDATA.

-- 
        Viktor.

_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
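
Added example, not part of the original message or of any DANE implementation: a Python sketch of the point made above, where one TLSA-like RDATA builder is shared while each record type needs its own input handling to derive the owner name. The `_smimecert` label, the function names, the database row layout and the sample inputs are assumptions for illustration; the SHA-224 hash of the localpart is what the message describes.

```python
import hashlib

TLSA_PROTOCOLS = ("tcp", "udp", "sctp")

def tlsa_owner(host, port, proto):
    """Owner name from the TLSA form: port entry box plus protocol radio button."""
    if proto not in TLSA_PROTOCOLS:
        raise ValueError(f"unsupported protocol: {proto!r}")
    if not 0 < int(port) < 65536:
        raise ValueError(f"port out of range: {port!r}")
    return f"_{int(port)}._{proto}.{host.rstrip('.')}."

def smimea_owner(address):
    """Owner name from the SMIMEA form: the e-mail address.
    SHA-224 of the localpart follows the message; the _smimecert
    label is an assumption taken from the SMIMEA specification."""
    local, sep, domain = address.rpartition("@")
    if not sep or not local or not domain:
        raise ValueError(f"not an address: {address!r}")
    label = hashlib.sha224(local.encode("utf-8")).hexdigest()
    return f"{label}._smimecert.{domain.rstrip('.')}."

def tlsa_like_rdata(usage, selector, mtype, selected):
    """RDATA shared by both types; `selected` is the cert or SPKI bytes."""
    digests = {1: hashlib.sha256, 2: hashlib.sha512}
    if mtype != 0 and mtype not in digests:
        raise ValueError(f"unknown matching type: {mtype!r}")
    data = selected if mtype == 0 else digests[mtype](selected).digest()
    return f"{usage} {selector} {mtype} {data.hex()}"

def db_row(rrtype, owner, rdata, display):
    """Backing-database row; `display` keeps the searchable plaintext input,
    since the SMIMEA owner label alone cannot be turned back into an address."""
    return {"type": rrtype, "owner": owner, "rdata": rdata, "display": display}

# Constructed sample input, not real key material.
SPKI = b"constructed-spki-bytes"
RDATA = tlsa_like_rdata(3, 1, 1, SPKI)
ROWS = [
    db_row("TLSA", tlsa_owner("mail.example.com", 25, "tcp"), RDATA,
           "mail.example.com:25/tcp"),
    db_row("SMIMEA", smimea_owner("alice@example.com"), RDATA,
           "alice@example.com"),
]

if __name__ == "__main__":
    for row in ROWS:
        print(row["owner"], "IN", row["type"], row["rdata"], "; ui:", row["display"])
```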
