[Freeipa-devel] [PATCH 0244-0245] Add basic support for inline-signingSeparate raw and secure zones in Zone Register
Petr Spacek
pspacek at redhat.com
Fri Apr 18 15:10:19 UTC 2014
Hello,
Add basic support for inline-signing.
Inline-signing is enabled for zones with idnsSecInlineSigning attribute = TRUE.
Limitations:
- Signing configuration is hardcoded in create_zone() as magic constants
- idnsSecInlineSigning attribute cannot be changed at run-time
- DNS updates are not supported
- Signing keys have to be pre-generated and stored in
<dyndb-ldap working directory>/<ldap intance name>/<zone name>/keys
directory before named is started
https://fedorahosted.org/bind-dyndb-ldap/ticket/56
--
Petr^2 Spacek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: bind-dyndb-ldap-pspacek-0244-Separate-raw-and-secure-zones-in-Zone-Register.patch
Type: text/x-patch
Size: 13680 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140418/775579d1/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: bind-dyndb-ldap-pspacek-0245-Add-basic-support-for-inline-signing.patch
Type: text/x-patch
Size: 8663 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140418/775579d1/attachment-0001.bin>
More information about the Freeipa-devel
mailing list