[Freeipa-devel] LDAP schema for DNSSEC keys
Jan Cholasta
jcholast at redhat.com
Tue Jul 29 06:46:57 UTC 2014
Dne 28.7.2014 v 11:04 Simo Sorce napsal(a):
> On Fri, 2014-07-25 at 19:26 +0200, Petr Spacek wrote:
>>
>> I have updated design page and diagrams:
>> https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/DNSSEC/Keys/Shortterm#LDAPschema
>
> Excellent page, I took a full read and it all seem reasonable.
>
> However I would like a page like this with the detailed summary of key
> material handling.
>
> This is important to get right and have documented anyway so if someone
> could summarize in detail all the key handling I would be happy to do a
> detailed review and think carefully about the security stance of the
> final solution we agreed on. If we can do this early it would be better
> to avoid costly rewrites should we have forgotten/underestimated some
> implementation detail that requires changes.
>
> Simo.
>
Do you need more detail than
<https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/DNSSEC/Keys/Shortterm#Keydistribution>?
--
Jan Cholasta
More information about the Freeipa-devel
mailing list