#tsig — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #tsig, aggregated by home.social.
-
In #TSIG ist ja alles gelb, jetzt geht es mit dem 612(-Doppel) weiter Richtung Tübingen
-
In #TSIG ist ja alles gelb, jetzt geht es mit dem 612(-Doppel) weiter Richtung Tübingen
-
In #TSIG ist ja alles gelb, jetzt geht es mit dem 612(-Doppel) weiter Richtung Tübingen
-
In #TSIG ist ja alles gelb, jetzt geht es mit dem 612(-Doppel) weiter Richtung Tübingen
-
Our #DNS `domain` crate for #rustlang is progressing in three parallel tracks: Ximon's #XFR Zone transfers with #TSIG is nearing completion, a proof of concept for query routing by Philip is ready for review so he can turn his attention to the #DNSSEC signing milestone, and Terts and Jannik have kicked off reimplementing the `ldns` tools and example programs in #Rust.
All development is #OpenSource and in the open you can follow the progress and contribute: https://github.com/NLnetLabs/domain/pulls
-
Our #DNS `domain` crate for #rustlang is progressing in three parallel tracks: Ximon's #XFR Zone transfers with #TSIG is nearing completion, a proof of concept for query routing by Philip is ready for review so he can turn his attention to the #DNSSEC signing milestone, and Terts and Jannik have kicked off reimplementing the `ldns` tools and example programs in #Rust.
All development is #OpenSource and in the open you can follow the progress and contribute: https://github.com/NLnetLabs/domain/pulls
-
Our #DNS `domain` crate for #rustlang is progressing in three parallel tracks: Ximon's #XFR Zone transfers with #TSIG is nearing completion, a proof of concept for query routing by Philip is ready for review so he can turn his attention to the #DNSSEC signing milestone, and Terts and Jannik have kicked off reimplementing the `ldns` tools and example programs in #Rust.
All development is #OpenSource and in the open you can follow the progress and contribute: https://github.com/NLnetLabs/domain/pulls
-
Our #DNS `domain` crate for #rustlang is progressing in three parallel tracks: Ximon's #XFR Zone transfers with #TSIG is nearing completion, a proof of concept for query routing by Philip is ready for review so he can turn his attention to the #DNSSEC signing milestone, and Terts and Jannik have kicked off reimplementing the `ldns` tools and example programs in #Rust.
All development is #OpenSource and in the open you can follow the progress and contribute: https://github.com/NLnetLabs/domain/pulls
-
Our #DNS `domain` crate for #rustlang is progressing in three parallel tracks: Ximon's #XFR Zone transfers with #TSIG is nearing completion, a proof of concept for query routing by Philip is ready for review so he can turn his attention to the #DNSSEC signing milestone, and Terts and Jannik have kicked off reimplementing the `ldns` tools and example programs in #Rust.
All development is #OpenSource and in the open you can follow the progress and contribute: https://github.com/NLnetLabs/domain/pulls
-
When building a library, it's not just about providing features but getting the ergonomics right so that developers can take maximum advantage of the functionality provided. After several approaches, we're finally happy with #DNS Zone Transfers for our #OpenSource `domain` crate for #rustlang. #CodingInTheOpen #IXFR #AXFR #TSIG
https://github.com/NLnetLabs/domain/pull/375 -
When building a library, it's not just about providing features but getting the ergonomics right so that developers can take maximum advantage of the functionality provided. After several approaches, we're finally happy with #DNS Zone Transfers for our #OpenSource `domain` crate for #rustlang. #CodingInTheOpen #IXFR #AXFR #TSIG
https://github.com/NLnetLabs/domain/pull/375 -
When building a library, it's not just about providing features but getting the ergonomics right so that developers can take maximum advantage of the functionality provided. After several approaches, we're finally happy with #DNS Zone Transfers for our #OpenSource `domain` crate for #rustlang. #CodingInTheOpen #IXFR #AXFR #TSIG
https://github.com/NLnetLabs/domain/pull/375 -
When building a library, it's not just about providing features but getting the ergonomics right so that developers can take maximum advantage of the functionality provided. After several approaches, we're finally happy with #DNS Zone Transfers for our #OpenSource `domain` crate for #rustlang. #CodingInTheOpen #IXFR #AXFR #TSIG
https://github.com/NLnetLabs/domain/pull/375 -
When building a library, it's not just about providing features but getting the ergonomics right so that developers can take maximum advantage of the functionality provided. After several approaches, we're finally happy with #DNS Zone Transfers for our #OpenSource `domain` crate for #rustlang. #CodingInTheOpen #IXFR #AXFR #TSIG
https://github.com/NLnetLabs/domain/pull/375 -
Опыты в домашней лаборатории: динамически обновляем записи приватной зоны DNS в OpenWRT
Моя домашняя лаборатория подключена к интернету через маршрутизатор с прошивкой OpenWRT. Развертывая локальный ACME сервер, я понял, что, независимо от применяемого типа валидации запросов, ACME должен найти в DNS полное доменное имя сервера, для которого запрошен сертификат. В размышлениях, где же стоит хостить свою приватную DNS зону, меня озарило: «Но у нас уже есть дома DNS-сервер в OpenWRT. Наверняка можно удаленно обновлять записи в его локальной зоне». TL;DR: В итоге пришлось поставить BIND
https://habr.com/ru/articles/826826/
#openwrt #arm64 #dns #bind #hotplug #RFC2136 #RFC2845 #TSIG #DDNS #selfhosted
-
Опыты в домашней лаборатории: динамически обновляем записи приватной зоны DNS в OpenWRT
Моя домашняя лаборатория подключена к интернету через маршрутизатор с прошивкой OpenWRT. Развертывая локальный ACME сервер, я понял, что, независимо от применяемого типа валидации запросов, ACME должен найти в DNS полное доменное имя сервера, для которого запрошен сертификат. В размышлениях, где же стоит хостить свою приватную DNS зону, меня озарило: «Но у нас уже есть дома DNS-сервер в OpenWRT. Наверняка можно удаленно обновлять записи в его локальной зоне». TL;DR: В итоге пришлось поставить BIND
https://habr.com/ru/articles/826826/
#openwrt #arm64 #dns #bind #hotplug #RFC2136 #RFC2845 #TSIG #DDNS #selfhosted
-
Опыты в домашней лаборатории: динамически обновляем записи приватной зоны DNS в OpenWRT
Моя домашняя лаборатория подключена к интернету через маршрутизатор с прошивкой OpenWRT. Развертывая локальный ACME сервер, я понял, что, независимо от применяемого типа валидации запросов, ACME должен найти в DNS полное доменное имя сервера, для которого запрошен сертификат. В размышлениях, где же стоит хостить свою приватную DNS зону, меня озарило: «Но у нас уже есть дома DNS-сервер в OpenWRT. Наверняка можно удаленно обновлять записи в его локальной зоне». TL;DR: В итоге пришлось поставить BIND
https://habr.com/ru/articles/826826/
#openwrt #arm64 #dns #bind #hotplug #RFC2136 #RFC2845 #TSIG #DDNS #selfhosted
-
Today was a good rest day. I upgraded the #Diaspora pod by building a new Docker image for it (and upgrading said image to the current #Debian). I got #pfsense to do #ddns to my #bind nameserver using #tsig, which allowed me to expose it on #ipv6. Lots of technology #winning!
We walked to the local Dairy Queen for a treat, but it closed early for Father’s Day, so we walked to the grocery store and got a treat there instead. Lovely.
-
Today was a good rest day. I upgraded the #Diaspora pod by building a new Docker image for it (and upgrading said image to the current #Debian). I got #pfsense to do #ddns to my #bind nameserver using #tsig, which allowed me to expose it on #ipv6. Lots of technology #winning!
We walked to the local Dairy Queen for a treat, but it closed early for Father’s Day, so we walked to the grocery store and got a treat there instead. Lovely.
-
Today was a good rest day. I upgraded the #Diaspora pod by building a new Docker image for it (and upgrading said image to the current #Debian). I got #pfsense to do #ddns to my #bind nameserver using #tsig, which allowed me to expose it on #ipv6. Lots of technology #winning!
We walked to the local Dairy Queen for a treat, but it closed early for Father’s Day, so we walked to the grocery store and got a treat there instead. Lovely.
-
Today was a good rest day. I upgraded the #Diaspora pod by building a new Docker image for it (and upgrading said image to the current #Debian). I got #pfsense to do #ddns to my #bind nameserver using #tsig, which allowed me to expose it on #ipv6. Lots of technology #winning!
We walked to the local Dairy Queen for a treat, but it closed early for Father’s Day, so we walked to the grocery store and got a treat there instead. Lovely.
-
Today was a good rest day. I upgraded the #Diaspora pod by building a new Docker image for it (and upgrading said image to the current #Debian). I got #pfsense to do #ddns to my #bind nameserver using #tsig, which allowed me to expose it on #ipv6. Lots of technology #winning!
We walked to the local Dairy Queen for a treat, but it closed early for Father’s Day, so we walked to the grocery store and got a treat there instead. Lovely.
-
Issue Let's Encrypt Certificates with TSIG Zone Updates against Knot
https://s3lph.me/issue-lets-encrypt-certificates-with-tsig-zone-updates-against-knot.html
-
Issue Let's Encrypt Certificates with TSIG Zone Updates against Knot
https://s3lph.me/issue-lets-encrypt-certificates-with-tsig-zone-updates-against-knot.html
-
Issue Let's Encrypt Certificates with TSIG Zone Updates against Knot
https://s3lph.me/issue-lets-encrypt-certificates-with-tsig-zone-updates-against-knot.html
-
Hey #hivemind ... I need a #deadstupid #dns #application ... all it should do is to take unsigned zone xfer from whitelisted IP's, #sign them with defined #TSIG and send them do another dns with zonexfer. It does not need to be able to do anything else. I'm thinking about cluding #powerdns for that task but is there anything else simpler out there? (#windns does not support tsig for whatever reason and need something simple for a POC)
-
Hey #hivemind ... I need a #deadstupid #dns #application ... all it should do is to take unsigned zone xfer from whitelisted IP's, #sign them with defined #TSIG and send them do another dns with zonexfer. It does not need to be able to do anything else. I'm thinking about cluding #powerdns for that task but is there anything else simpler out there? (#windns does not support tsig for whatever reason and need something simple for a POC)
-
Hey #hivemind ... I need a #deadstupid #dns #application ... all it should do is to take unsigned zone xfer from whitelisted IP's, #sign them with defined #TSIG and send them do another dns with zonexfer. It does not need to be able to do anything else. I'm thinking about cluding #powerdns for that task but is there anything else simpler out there? (#windns does not support tsig for whatever reason and need something simple for a POC)
-
Hey #hivemind ... I need a #deadstupid #dns #application ... all it should do is to take unsigned zone xfer from whitelisted IP's, #sign them with defined #TSIG and send them do another dns with zonexfer. It does not need to be able to do anything else. I'm thinking about cluding #powerdns for that task but is there anything else simpler out there? (#windns does not support tsig for whatever reason and need something simple for a POC)
-
-
RFC 9103: DNS Zone Transfer over TLS
Traditionnellement, le transfert d'une zone #DNS depuis le serveur maitre vers ses esclaves se fait en clair. Si l'authentification et l'intégrité sont protégées, par exemple par #TSIG, le transfert en clair ne fournit pas de confidentialité. Ce RFC normalise un transfert de zones sur TLS, #XoT (zone transfer over TLS).
-
RFC 9103: DNS Zone Transfer over TLS
Traditionnellement, le transfert d'une zone #DNS depuis le serveur maitre vers ses esclaves se fait en clair. Si l'authentification et l'intégrité sont protégées, par exemple par #TSIG, le transfert en clair ne fournit pas de confidentialité. Ce RFC normalise un transfert de zones sur TLS, #XoT (zone transfer over TLS).
-
RFC 8945: Secret Key Transaction Authentication for DNS (TSIG)
Le #DNS a des vulnérabilités à plusieurs endroits, notamment des risques d'usurpation, qui permettent de glisser une réponse mensongère à la place de la bonne. #TSIG, normalisé dans ce RFC (qui remplace le RFC 2845), est une solution de vérification de l'intégrité du canal. TSIG est surtout utilisé entre serveurs DNS maîtres et esclaves, pour sécuriser les transferts de zone.
-
RFC 8945: Secret Key Transaction Authentication for DNS (TSIG)
Le #DNS a des vulnérabilités à plusieurs endroits, notamment des risques d'usurpation, qui permettent de glisser une réponse mensongère à la place de la bonne. #TSIG, normalisé dans ce RFC (qui remplace le RFC 2845), est une solution de vérification de l'intégrité du canal. TSIG est surtout utilisé entre serveurs DNS maîtres et esclaves, pour sécuriser les transferts de zone.