To:
James Gould <jgould@verisign.com>
Cc:
Ulrich Wisser <liste@publisher.de>, Frederico A C Neves <fneves@registro.br>, EPP Provreg <ietf-provreg@cafax.se>
From:
Jens Wagner <jwagner@hexonet.net>
Date:
Tue, 03 Aug 2010 16:59:27 +0200
In-Reply-To:
<C875FCC2.3A6EB%jgould@verisign.com>
Sender:
owner-ietf-provreg@cafax.se
User-Agent:
Thunderbird 2.0.0.23 (X11/20090817)
Subject:
Re: [ietf-provreg] RFC5910 public client implementation
Title: Re: [ietf-provreg] RFC5910 public client implementation
Hi James, we just implemented secDNS-1.0 and secDNS-1.1 into our EPP gateway. It supports both Key Data and DS Data interfaces, as some tlds like .de or .eu require Key Data anyways. For other TLDs which require DS Data, it automatically creates it using the key data and SHA1 as digest type, if using the Key Data interface. E.g. it accepts the following input <?xml version="1.0" encoding="UTF-8" standalone="no"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0"> <command> <update> <domain:update xmlns:domain="urn:ietf:params:xml:ns:domain-1.0"> <domain:name>secdns.org</domain:name> </domain:update> </update> <extension> <secDNS:update xmlns:secDNS="urn:ietf:params:xml:ns:secDNS-1.1"> <secDNS:rem> <secDNS:all>true</secDNS:all> </secDNS:rem> <secDNS:add> <secDNS:keyData> <secDNS:flags>256</secDNS:flags> <secDNS:protocol>3</secDNS:protocol> <secDNS:alg>1</secDNS:alg> <secDNS:pubKey>AQPJ////4Q==</secDNS:pubKey> </secDNS:keyData> <secDNS:keyData> <secDNS:flags>257</secDNS:flags> <secDNS:protocol>3</secDNS:protocol> <secDNS:alg>5</secDNS:alg> <secDNS:pubKey>AQPJ////5Q==</secDNS:pubKey> </secDNS:keyData> </secDNS:add> </secDNS:update> </extension> <clTRID>ABC-12345</clTRID> </command> </epp> and creates two DS data record: <secDNS:dsData> <secDNS:keyTag>65535</secDNS:keyTag> <secDNS:alg>1</secDNS:alg> <secDNS:digestType>1</secDNS:digestType> <secDNS:digest>1543C1BABEB5ECAF98774188032928B3CD18299A</secDNS:digest> <secDNS:keyData> <secDNS:flags>256</secDNS:flags> <secDNS:protocol>3</secDNS:protocol> <secDNS:alg>1</secDNS:alg> <secDNS:pubKey>AQPJ////4Q==</secDNS:pubKey> </secDNS:keyData> </secDNS:dsData> <secDNS:dsData> <secDNS:keyTag>46089</secDNS:keyTag> <secDNS:alg>5</secDNS:alg> <secDNS:digestType>1</secDNS:digestType> <secDNS:digest>2A515440A8AEA13F034191AB0D35DB1DDF7968E8</secDNS:digest> <secDNS:keyData> <secDNS:flags>257</secDNS:flags> <secDNS:protocol>3</secDNS:protocol> <secDNS:alg>5</secDNS:alg> <secDNS:pubKey>AQPJ////5Q==</secDNS:pubKey> </secDNS:keyData> </secDNS:dsData> Best, - jens James Gould schrieb: It’s great to hear that the implementations are moving forward. -- Jens Wagner Chief Executive Officer HEXONET GmbH Be Your Own Internet Services Provider T: +49 6841 69 84 0 F: +49 6841 69 84 199 E: jwagner@hexonet.net W: http://www.hexonet.net HEXONET GmbH, Talstrasse 27, 66424 Homburg, Germany. CEO & General Manager: Jens Wagner, HRB 2839 (HOM), Amtsgericht Saarbrücken, VAT-ID: DE-138316882 HEXONET Services Inc., 1100 - 1200 West 73rd Avenue, Vancouver, B.C., V6P 6G5, Canada. CSO & General Manager: Robert Birkner This email and any files transmitted are confidential and intended only or the person(s) directly addressed. If you are not the intended recipient, any use, copying, transmission, distribution, or other forms of dissemination is strictly prohibited. If you have received this email in error, please notify the sender immediately and permanently delete this email with any files that may be attached. |