Support for GSS-TSIG (RFC 3645) in PDNS 4.x

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Support for GSS-TSIG (RFC 3645) in PDNS 4.x

Dharmesh
Hi,

I was going through the documentation of PDNS 3.x and there it was mentioned that HSS-TSIG feature is experimental and subjected to change in future releases, but in PDNS 4.x i am not able to get the details of this feature via documentation. Is this feature supported in PDNS 4.x. If no, then is there any road-map for development of this feature.

Also DDNS and DNSSEC is fully supported in PDNS 4.x but i am not able to get the details of Legacy Resolver Compatibility for Delegation Signer (DS) support via documentation. Is the same supported by PDNS 4.x

Regards,
--
Dharmesh Kumar


_______________________________________________
Pdns-users mailing list
[hidden email]
https://mailman.powerdns.com/mailman/listinfo/pdns-users
Reply | Threaded
Open this post in threaded view
|

Re: Support for GSS-TSIG (RFC 3645) in PDNS 4.x

Aki Tuomi
On Tue, May 10, 2016 at 02:37:42PM +0530, Dharmesh wrote:

> Hi,
>
> I was going through the documentation of PDNS 3.x and there it was
> mentioned that HSS-TSIG feature is experimental and subjected to change in
> future releases, but in PDNS 4.x i am not able to get the details of this
> feature via documentation. Is this feature supported in PDNS 4.x. If no,
> then is there any road-map for development of this feature.
>
> Also DDNS and DNSSEC is fully supported in PDNS 4.x but i am not able to
> get the details of Legacy Resolver Compatibility for Delegation Signer (DS)
> support via documentation. Is the same supported by PDNS 4.x
>
> Regards,
> --
> Dharmesh Kumar

Hi!

GSS-TSIG support in PowerDNS is pretty basic still, there has been
no time for me to improve on it.

What currently works is that you can specify principal(s) that are
allowed to AXFR or UPDATE a DNS domain.

4.0.0 introduces so far no changes to the 3.x behaviour.

Aki
_______________________________________________
Pdns-users mailing list
[hidden email]
https://mailman.powerdns.com/mailman/listinfo/pdns-users
Reply | Threaded
Open this post in threaded view
|

Re: Support for GSS-TSIG (RFC 3645) in PDNS 4.x

Peter van Dijk
In reply to this post by Dharmesh
Hello Dharmesh,

On 10 May 2016, at 11:07, Dharmesh wrote:

> Also DDNS and DNSSEC is fully supported in PDNS 4.x but i am not able
> to
> get the details of Legacy Resolver Compatibility for Delegation Signer
> (DS)
> support via documentation. Is the same supported by PDNS 4.x

RFC3755 was obsoleted by the 4033/4034/4035 set. We aim for full
compliance with relevant non-obsoleted RFC.

Kind regards,
--
Peter van Dijk
PowerDNS.COM BV - https://www.powerdns.com/
_______________________________________________
Pdns-users mailing list
[hidden email]
https://mailman.powerdns.com/mailman/listinfo/pdns-users
Reply | Threaded
Open this post in threaded view
|

Re: Support for GSS-TSIG (RFC 3645) in PDNS 4.x

Dharmesh
Hello Peter,


Yes RFC3755 was obsoleted by 4033/4034/4035 but as per the details given on https://www.powerdns.com/compliance.html this page, RFC4033 is not in the compliance list of PDNS. Since RFC4033,34,35 together makes a family of RPC's so what exactly is not compliant in RFC 4033 or is it that the compliance page of pdns is not updated.

Regards,

On Wed, May 18, 2016 at 2:00 PM, Peter van Dijk <[hidden email]> wrote:
Hello Dharmesh,

On 10 May 2016, at 11:07, Dharmesh wrote:

Also DDNS and DNSSEC is fully supported in PDNS 4.x but i am not able to
get the details of Legacy Resolver Compatibility for Delegation Signer (DS)
support via documentation. Is the same supported by PDNS 4.x

RFC3755 was obsoleted by the 4033/4034/4035 set. We aim for full compliance with relevant non-obsoleted RFC.

Kind regards,
--
Peter van Dijk
PowerDNS.COM BV - https://www.powerdns.com/
_______________________________________________
Pdns-users mailing list
[hidden email]
https://mailman.powerdns.com/mailman/listinfo/pdns-users



--
Dharmesh Kumar



_______________________________________________
Pdns-users mailing list
[hidden email]
https://mailman.powerdns.com/mailman/listinfo/pdns-users
Reply | Threaded
Open this post in threaded view
|

Re: Support for GSS-TSIG (RFC 3645) in PDNS 4.x

Peter van Dijk
Hello Dharmesh,

I have updated the compliance page. Thank you for letting us know.

Kind regards,
--
Peter van Dijk
PowerDNS.COM BV - https://www.powerdns.com/

On 18 May 2016, at 10:41, Dharmesh wrote:

> Hello Peter,
>
>
> Yes RFC3755 was obsoleted by 4033/4034/4035 but as per the details
> given on
> https://www.powerdns.com/compliance.html this page, RFC4033 is not in
> the
> compliance list of PDNS. Since RFC4033,34,35 together makes a family
> of
> RPC's so what exactly is not compliant in RFC 4033 or is it that the
> compliance page of pdns is not updated.
>
> Regards,
>
> On Wed, May 18, 2016 at 2:00 PM, Peter van Dijk
> <[hidden email]
>> wrote:
>
>> Hello Dharmesh,
>>
>> On 10 May 2016, at 11:07, Dharmesh wrote:
>>
>> Also DDNS and DNSSEC is fully supported in PDNS 4.x but i am not able
>> to
>>> get the details of Legacy Resolver Compatibility for Delegation
>>> Signer
>>> (DS)
>>> support via documentation. Is the same supported by PDNS 4.x
>>>
>>
>> RFC3755 was obsoleted by the 4033/4034/4035 set. We aim for full
>> compliance with relevant non-obsoleted RFC.
>>
>> Kind regards,
>> --
>> Peter van Dijk
>> PowerDNS.COM BV - https://www.powerdns.com/
>> _______________________________________________
>> Pdns-users mailing list
>> [hidden email]
>> https://mailman.powerdns.com/mailman/listinfo/pdns-users
>>
>
>
>
> --
> Dharmesh Kumar
_______________________________________________
Pdns-users mailing list
[hidden email]
https://mailman.powerdns.com/mailman/listinfo/pdns-users