"DNS-Based Authentication of Named Entities (DANE) - Transport Layer Security (TLS) Protocol" requires new record named "TLSA" as defined by RFC 6698.
General use cases are defined in RFC 6394.
We need to add tlsaRecord attribute and add support to bind plugin.
New attribute type was added to the upstream DNS schema: http://drift.uninett.no/nett/ip-nett/dnsattributes.schema
attributetype ( 1.3.6.1.4.1.2428.20.1.52 NAME 'TLSARecord' DESC 'DNS-Based Authentication of Named Entities - Transport Layer Security Protocol, RFC 6698' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
Moving to Fedora 21 to reflect reality.
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1207539
Metadata Update from @pspacek: - Issue assigned to pspacek - Issue set to the milestone: Fedora 21
Log in to comment on this ticket.