[Freeipa-devel] LDAP schema for DNSSEC keys
Simo Sorce
simo at redhat.com
Mon Jul 28 09:04:04 UTC 2014
On Fri, 2014-07-25 at 19:26 +0200, Petr Spacek wrote:
>
> I have updated design page and diagrams:
> https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/DNSSEC/Keys/Shortterm#LDAPschema
Excellent page, I took a full read and it all seem reasonable.
However I would like a page like this with the detailed summary of key
material handling.
This is important to get right and have documented anyway so if someone
could summarize in detail all the key handling I would be happy to do a
detailed review and think carefully about the security stance of the
final solution we agreed on. If we can do this early it would be better
to avoid costly rewrites should we have forgotten/underestimated some
implementation detail that requires changes.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-devel
mailing list