On 24.9.2013 19:23, Erinn Looney-Triggs wrote:
I wanted to bring up the idea of integrating TLSA records into FreeIPA
so that a host that is issued a certificate for say the web server (via
dogtag) would also publish that information in DNS using a TLSA record.
This is very much like how SSHFP records are handled now in FreeIPA.
Has this been considered at all?
I am more than happy to write up some more info about this, I just
wanted to get a preliminary idea of whether this had been considered at
all...
You definitely have my +1!
I'm working on DNSSEC support in FreeIPA, but we didn't went so far in our
plans :-)
Please create RFE ticket (request for enhancement):
https://fedorahosted.org/freeipa/newticket
You will need an Fedora Account, please follow this:
https://fedoraproject.org/wiki/Account_System/NewAccount
I would recommend you to add your e-mail address to Cc field in the ticket to
get latest updates.
We can continue with discussion here, of course!
--
Petr^2 Spacek
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
