To:
dnssec@cafax.se
cc:
mike@fuhr.org, team@nlnetlabs.nl, disi@ripe.net
From:
Olaf Kolkman <olaf@ripe.net>
Date:
Tue, 15 May 2001 13:25:22 +0200
Delivery-Date:
Wed May 16 07:59:05 2001
Sender:
owner-dnssec@cafax.se
Subject:
Net::DNS DNSSEC extensions V0.2
Dear Colleagues, I've added extra features to and fixed some bugs in the DNSSEC extensions I made to the PERL DNS Resolver Module Net::DNS. You can get a patch against Mike Fuhr's development version of Net::DNS from the tools section at http://www.ripe.net/disi/ the documentation can be found at http://www.ripe.net/disi/Net/index.html Version 0.12 of Net::DNS is in CPAN. The development version 0.19 (Feb 6, 2001) is available from http://www.fuhr.org/~mfuhr/perldns/. Note that the DNSSEC extensions and the Version 0.19 are both under development and not all possible interactions are tested. --Olaf -------------------- Main changes with respect to the previous patch I posted to dnssec@sigz.se. - I have added a new constructor for the SIG object. Given a RRset and a bind generated private key one can create a signature over the RRset. (RSA signatures only, other algorithms will follow) my $sigrr= create Net::DNS::RR::SIG(\@datarrset,$keypath); - I fixed a bug in the original TTL handling which made signature verification fail if the TTL in the datarr was not the original TTL (i.e. when not querying authoritative servers.)