On Thu, Aug 29, 2019 at 07:25:54PM +0530, Mukund Sivaraman wrote:
> I am asking about where this key format is specified - I want to extend
> it.

There's never been a written specification as far as I know, and if there was one, then it's definitely been obsolete since 2009, because I changed the format then and I didn't update any specs.

What I can tell you is: the private key file contains a format version string, "Private-key-format", currently always set to 1.3, and an algorithm string, "Algorithm". After that comes a set of private keydata fields which are specific to the algorithm, and finally a set of *optional* metadata fields. Those were introduced in format version 1.3. They include "Created", "Publish", "Delete", etc, and also a few (such as "RollPeriod") that were reserved for future use but we've never gotten around to using them.

If the parser encounters any field that it doesn't recognize, and the key claims to be version 1.3, then it will reject the key with an error. However, if Private-key-format is increased to at least 1.4, then the version 1.3 parser will ignore the unknown fields and just use the ones that it does understand. A version number above 2.0 is assumed not to be backward-compatible, so that key would be rejected always.

We've had a few conversations at ISC recently about adding some new fields and increasing the format version to 1.4, so it would probably be best if we coordinate our changes to ensure that your extensions are interoperable with ours.

--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
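To make the version-compatibility rules described in the message concrete, here is an added toy parser (example code, not BIND's own) that applies them to a constructed key file: it rejects unknown fields under format 1.3, ignores them from 1.4 up to 2.0, and refuses anything above 2.0. The metadata field set, the RSASHA256 key data field names, the sample key and its placeholder values are assumptions.

```python
import re

class KeyFormatError(ValueError):
    """Raised when this parser cannot accept a private key file."""

# Optional metadata fields named in the message (format 1.3+); full set assumed.
METADATA_FIELDS = {"Created", "Publish", "Activate", "Revoke", "Inactive",
                   "Delete", "RollPeriod"}
# Algorithm-specific key data by algorithm number; RSASHA256 (8) set assumed.
ALGORITHM_FIELDS = {
    "8": {"Modulus", "PublicExponent", "PrivateExponent", "Prime1", "Prime2",
          "Exponent1", "Exponent2", "Coefficient"},
}

def parse_version(text: str) -> tuple:
    """'v1.3' or '1.3' -> (1, 3), so versions compare as tuples."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)", text.strip())
    if not m:
        raise KeyFormatError(f"bad Private-key-format value: {text!r}")
    return int(m.group(1)), int(m.group(2))

def parse_private_key(text: str) -> dict:
    """Parse 'Name: value' lines; 1.3 rejects unknown fields, 1.4..2.0 ignores them, >2.0 fails."""
    fields = {}
    for raw in text.splitlines():
        if not raw.strip():
            continue
        name, sep, value = raw.partition(":")
        if not sep:
            raise KeyFormatError(f"malformed line: {raw!r}")
        fields[name.strip()] = value.strip()
    if "Private-key-format" not in fields or "Algorithm" not in fields:
        raise KeyFormatError("missing Private-key-format or Algorithm")
    version = parse_version(fields["Private-key-format"])
    if version > (2, 0):
        raise KeyFormatError(f"format {version} assumed not backward-compatible")
    alg_num = fields["Algorithm"].split()[0]      # "8 (RSASHA256)" -> "8"
    if alg_num not in ALGORITHM_FIELDS:
        raise KeyFormatError(f"unsupported algorithm {alg_num}")
    known = {"Private-key-format", "Algorithm"} | ALGORITHM_FIELDS[alg_num] | METADATA_FIELDS
    unknown = set(fields) - known
    if unknown and version < (1, 4):
        raise KeyFormatError(f"unknown fields {sorted(unknown)} in format {version}")
    return {k: v for k, v in fields.items() if k in known}  # 1.4..2.0: drop unknowns

def sample_key(version: str, extra: str = "") -> str:
    """Constructed sample key text with placeholder values (not a real key)."""
    data = "\n".join(f"{f}: AAAA" for f in sorted(ALGORITHM_FIELDS["8"]))
    return (f"Private-key-format: {version}\nAlgorithm: 8 (RSASHA256)\n{data}\n"
            f"Created: 20190829000000\nPublish: 20190829000000\n{extra}")
```

Calling `parse_private_key(sample_key("v1.4", "NewField: x\n"))` returns the known fields only, while the same extra line under `"v1.3"` raises `KeyFormatError`.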