I really like this idea. Obviously, it's the sort of thing whose scope had better be pretty limited (e.g. you better know what network those TOFU requests are coming from), but apart from that it seems quite useful.
A

On Fri, Apr 14, 2017 at 02:38:46AM +0200, Toke Høiland-Jørgensen wrote:
> Hey everyone
>
> While following the naming discussions, I have been thinking about how
> to do one of the things that the current naming architecture draft
> excludes: Allowing devices on the homenet to register in (public) DNS so
> that one may find them. And since I also wanted to learn the Go
> programming language, I decided to prototype something. Enter the
> 'nsregd' daemon.
>
> This daemon will allow a client to claim a name on a Trust On First Use
> (TOFU) basis using the RFC2136 dynamic DNS update protocol. A client
> claims a name by sending a DNS update request with a SIG(0) (RFC2931)
> signature and including the public key corresponding to the signature.
> If the name in a claim is not already taken by another client, the
> client's claim will be successful and the daemon will cache the public
> key and use it to verify subsequent update requests.
>
> Once a name has been claimed by a client, that client can add and remove
> A and AAAA records by means of regular DNS update requests signed with
> the key used to claim the name. The daemon will forward these updates to
> one or more configured upstream authoritative nameservers.
>
> I'm posting this here in the hope that others will find it useful,
> either as input to the discussion, or as a tool to play around with.
>
> The code is available on Github:
>
> https://github.com/tohojo/nsregd
>
> The README file has a few more details on how it's supposed to work.
> Comments very welcome, patches even more so :)
>
>
> Cheers,
>
> -Toke
>
> _______________________________________________
> homenet mailing list
> homenet@ietf.org
> https://www.ietf.org/mailman/listinfo/homenet

--
Andrew Sullivan
a...@anvilwalrusden.com
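The claim-then-verify flow described in the quoted message, combined with the network-scoping caveat from the reply, sketched as an added Go example (it is not from this thread and not nsregd's code). It substitutes Ed25519 signatures over a plain string for RFC 2931 SIG(0) on a real DNS update; `Registry`, `Update`, `Demo` and every name, address and payload are constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
	"net/netip"
)

var ErrOutsideNetwork = errors.New("source address outside trusted network")
var ErrBadSignature = errors.New("signature does not verify")
var ErrNameTaken = errors.New("name already claimed by another key")

// Registry is a hypothetical TOFU store: claimed name -> first key seen.
type Registry struct {
	allowed netip.Prefix // only this network may claim or update
	keys    map[string]ed25519.PublicKey
}

// Update processes one signed request; msg stands in for the DNS update body.
// The signature covers name and msg so it cannot be reused for another name.
func (r *Registry) Update(src netip.Addr, name string, pub ed25519.PublicKey, msg string, sig []byte) error {
	if !r.allowed.Contains(src) {
		return ErrOutsideNetwork
	}
	if len(pub) != ed25519.PublicKeySize || !ed25519.Verify(pub, []byte(name+"\x00"+msg), sig) {
		return ErrBadSignature
	}
	if cached, ok := r.keys[name]; ok && !cached.Equal(pub) {
		return ErrNameTaken // name is pinned to a different key
	}
	r.keys[name] = pub // first use pins the key; later calls store the same key again
	return nil
}

// Demo runs four constructed requests and returns each outcome in order.
func Demo() []error {
	ownerPub, ownerKey, _ := ed25519.GenerateKey(nil)
	otherPub, otherKey, _ := ed25519.GenerateKey(nil)
	r := &Registry{netip.MustParsePrefix("192.168.1.0/24"), map[string]ed25519.PublicKey{}}
	lan, wan := netip.MustParseAddr("192.168.1.20"), netip.MustParseAddr("203.0.113.9")
	name, msg := "printer.home.example.", "add AAAA 2001:db8::20"
	good := ed25519.Sign(ownerKey, []byte(name+"\x00"+msg))
	return []error{
		r.Update(wan, name, ownerPub, msg, good), // outside the trusted network
		r.Update(lan, name, ownerPub, msg, good), // first use: key is pinned
		r.Update(lan, name, otherPub, msg, ed25519.Sign(otherKey, []byte(name+"\x00"+msg))),
		r.Update(lan, name, ownerPub, msg, good), // owner's later update
	}
}
func main() { fmt.Println(Demo()) }
```

The source-prefix check runs before any key is cached, so a request from outside the trusted network can never become the "first use" for a name.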