SSLMate / caa_helper

Generate a CAA policy
https://sslmate.com/caa/
Mozilla Public License 2.0

DJB's tinydns support #21

Closed mnalis closed 7 years ago

mnalis commented 7 years ago

The tinydns authoritative name server (from the djbdns suite) supports a so-called "generic record" (":", which is somewhat similar to RFC 3597 syntax). Could you implement it on the https://sslmate.com/labs/caa/ webpage too?

Docs are at: http://cr.yp.to/djbdns/tinydns-data.html

neuhaus commented 7 years ago

I second this request! There's a script at https://github.com/Weebly/tinydns-filter that shows how to verify and build CAA records for tinydns.

AGWA commented 7 years ago

If you could provide an example of what the following record should look like, it would help me add support for tinydns:

example.com.    IN  CAA 0 issue "comodoca.com"

In RFC3597 syntax:

example.com.    IN  TYPE257 \# 19 00056973737565636F6D6F646F63612E636F6D

mnalis commented 7 years ago

Sure, no problem. In DJB's tinydns it would be this generic record:

:example.com:257:\000\005issuecomodoca.com

Or, if you wanted to specify a record TTL of one hour:

:example.com:257:\000\005issuecomodoca.com:3600

Note that if the "body" of the record contains : (or any non-printable ASCII character), you need to encode it in octal as \xxx, like this (\072 is : in the example below):

:example.com:257:\000\005iodefmailto\072noc@example.com:86400

for

example.com.        86400   IN  CAA 0 iodef "mailto:noc@example.com"

AGWA commented 7 years ago

Thank you @mnalis, that was very helpful! tinydns is now supported.
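
The encoding described in this thread, as an added example that is not part of the original discussion or caa_helper's own code: it builds the CAA RDATA once and renders it both as a tinydns generic record and in RFC 3597 form for cross-checking. The function names are hypothetical, and escaping space and backslash in addition to `:` and non-printable bytes is a conservative assumption.

```javascript
'use strict';

// CAA RDATA wire format: one flags byte, one tag-length byte, the tag, then the value.
function caaRdata(flags, tag, value) {
  if (!Number.isInteger(flags) || flags < 0 || flags > 255) {
    throw new RangeError('flags must be an integer in 0..255');
  }
  if (!/^[A-Za-z0-9]{1,255}$/.test(tag)) {
    throw new RangeError('tag must be 1..255 ASCII letters or digits');
  }
  return Buffer.concat([
    Buffer.from([flags, tag.length]),
    Buffer.from(tag, 'ascii'),
    Buffer.from(value, 'utf8'),
  ]);
}

// Octal-escape every byte that is not safe to write literally in a tinydns-data
// field: the ":" field separator, the "\" escape character, space, control
// bytes and anything above 0x7e (the last three are an assumption of this example).
function tinydnsEscape(rdata) {
  let out = '';
  for (const b of rdata) {
    const literal = b > 0x20 && b < 0x7f && b !== 0x3a && b !== 0x5c;
    out += literal ? String.fromCharCode(b) : '\\' + b.toString(8).padStart(3, '0');
  }
  return out;
}

// tinydns generic record for type 257 (CAA), with an optional TTL field.
function tinydnsCaa(fqdn, flags, tag, value, ttl) {
  const name = fqdn.replace(/\.$/, ''); // the thread writes the name without a trailing dot
  if (!/^[A-Za-z0-9._-]+$/.test(name)) throw new RangeError('unsupported owner name');
  const line = `:${name}:257:${tinydnsEscape(caaRdata(flags, tag, value))}`;
  return ttl === undefined ? line : `${line}:${ttl}`;
}

// RFC 3597 unknown-type RDATA for the same record, to compare against the zone file.
function rfc3597Caa(flags, tag, value) {
  const rdata = caaRdata(flags, tag, value);
  return `\\# ${rdata.length} ${rdata.toString('hex').toUpperCase()}`;
}

// The two records quoted in the thread.
console.log(tinydnsCaa('example.com.', 0, 'issue', 'comodoca.com', 3600));
console.log(tinydnsCaa('example.com.', 0, 'iodef', 'mailto:noc@example.com', 86400));
console.log(rfc3597Caa(0, 'issue', 'comodoca.com'));
```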