-
-
One idea: as a network generate a CA, include the fingerprint of it in the `irc://` link and sign the certs of all your servers certs with the CA.
Clients can possibly preload the fingerprint of a ne…
-
1) Search for "is is" and "not not", a couple of typos.
2) For the section titled "Why use DANE for SMTP?", it seems to be backward. The section first notes the dangers, and it should perhaps instea…
-
@ookangzheng
1. Do you have TLSA records for your DNS endpoints?
2. You might want to look at The edns-tcp-keepalive EDNS0, as outlined by RFC [7828](https://tools.ietf.org/html/rfc7828), and its i…
obeho updated
3 years ago
-
something went wrong again:
https://dane-test.had.dnsops.gov/server/dane_check.cgi?host=mymail.smartrns.net
'''
Checking mymail.smartrns.net:
--> -->
OperationalError Python 3.4.5: /usr…
-
# Use case
Since domain access to a domain provider might be already given with an api token for tls-dns challenge, why not support configuring DKIM key automatically using libdns?
- [x] I'm wil…
onny updated
8 months ago
-
Right now openssl s_client will not validate the hostname of a certificate, even if used with -verify_return_error.
There's a separate -verify_hostname parameter (since 1.1), but it seems unintuiti…
-
Hi @MollyMcEvilley ,
1. Sample Code has `LSAProjectType = 1 and LastBednight = rpt.ReportEnd then null` rule which is not listed in the Spec.
2. I wonder if the current Spec priority rules 1 and…
-
This is contingent upon OpenWRT/LEDE using a version of the OpenSSL lib that supports DANE.
This would require OpenWRT/LEDE move to 1.1 branch. They're currently on the 1.0 branch.
smutt updated
6 years ago
-
Hi, is there a limitation in `dog` that doesn't allow this:
dog -t SRV _servicename._tcp.example.com
Or am I using it wrong? `dog` gives the error:
Invalid options: Invalid domain "_s…
ghost updated
3 years ago