Re: [ietf-provreg] RFC5910 public client implementation

[James Gould <jgould@verisign.com>]

Title: Re: [ietf-provreg] RFC5910 public client implementation

Patrick,

> I have not found any problem implementing the RFC 5910, just one
> nitpick in the 5th example of secDNS update
> (Net::DRI uses examples in RFC for its ~3500 regression tests)
> which says:
>    C:      <secDNS:update urgent="true"
>    C:       xmlns:secDNS="urn:ietf:params:xml:ns:secDNS-1.0">
>    C:        <secDNS:rem>
>    C:          <secDNS:all>true</secDNS:all>
>    C:        </secDNS:rem>
>    C:      </secDNS:update>
> 
> where it should have been secDNS-1.1 I believe.

Thanks, you are correct it should be secDNS-1.1.  

-- 


JG 

-------------------------------------------------------
James F. Gould
Principal Software Engineer
VeriSign Naming Services
jgould@verisign.com
Direct: 703.948.3271
Mobile: 703.628.7063

 
21345 Ridgetop Circle
LS2-2-1
Dulles, VA 20166

Notice to Recipient:  This e-mail contains confidential, proprietary and/or Registry  Sensitive information intended solely for the recipient and, thus may not be  retransmitted, reproduced or disclosed without the prior written consent of  VeriSign Naming and Directory Services.  If you have received  this e-mail message in error, please notify the sender immediately by  telephone or reply e-mail and destroy the original message without making a  copy.  Thank you.

---

From: Patrick Mevzek <provreg@contact.dotandco.com>
Organization: Dot And Co
Date: Fri, 10 Sep 2010 09:58:55 -0400
To: EPP Provreg <ietf-provreg@cafax.se>
Subject: Re: [ietf-provreg] RFC5910 public client implementation

James Gould <jgould@verisign.com> 2010-07-28 21:43
> Just curious if anyone is planning on supporting the Key Data Interface of
> RFC 5910?

On the client side,
as I've just finished its implementation, in the next release of
Net::DRI there will be full support of RFC5910 with both the dsData
interface and the keyData interface provided,
alongside support of RFC4310 which was there since 2006.

The client switches to secDNS-1.1 if announced by server, and
provides the same API in all cases to the calling application.

I have not found any problem implementing the RFC 5910, just one
nitpick in the 5th example of secDNS update
(Net::DRI uses examples in RFC for its ~3500 regression tests)
which says:
   C:      <secDNS:update urgent="true"
   C:       xmlns:secDNS="urn:ietf:params:xml:ns:secDNS-1.0">
   C:        <secDNS:rem>
   C:          <secDNS:all>true</secDNS:all>
   C:        </secDNS:rem>
   C:      </secDNS:update>

where it should have been secDNS-1.1 I believe.


If there are some people that can test with or provide access to
servers announcing secDNS-1.1 only or secDNS-1.0 + secDNS-1.1
please contact me in private to get an RC tarball if you are
interested in interoperability tests.




Also, I've implemented at the same time the .EU specific DNSSEC
extension called "Keygroup" to manage list of dsData material.


--
Patrick Mevzek
Dot and Co <http://www.dotandco.com/> <http://www.dotandco.net/>
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
List run by majordomo software.  For (Un-)subscription and similar details
send "help" to ietf-provreg-request@cafax.se