Closed Bug 672596 Opened 13 years ago Closed 8 years ago

add dnssec library (based on ldns) for use by DNSSEC TLS system

Categories

(Core :: Security: PSM, enhancement)

enhancement
Not set
normal

Tracking

()

RESOLVED WONTFIX

People

(Reporter: keeler, Unassigned)

References

Details

Attachments

(1 file, 4 obsolete files)

Attached file verification library (obsolete) —
Add a dnssec verification library (based on the ldns library) to enable DNSSEC TLS.
No longer depends on: 672244
Attached patch verification library (obsolete) — Splinter Review
The actual patch this time.
Attachment #546857 - Attachment is obsolete: true
Assignee: nobody → nobody
Component: Libraries → Security: PSM
Product: NSS → Core
QA Contact: libraries → psm
Version: trunk → Trunk
Attached patch verification library (obsolete) — Splinter Review
The library now also makes sure the certificate matches the TLSA record (except when the TLSA certificate type is CA certificate).
Attachment #546858 - Attachment is obsolete: true
Attached patch verification library + tests (obsolete) — Splinter Review
latest version
Attachment #547137 - Attachment is obsolete: true
Attachment #555224 - Flags: review?(bsmith)
Attachment #555224 - Attachment is obsolete: true
Attachment #557974 - Flags: review?(bsmith)
Attachment #555224 - Flags: review?(bsmith)
Comment on attachment 557974 [details] [diff] [review]
verification library + tests

Clearing review request until we re-assess how this fits in with our certificate validation improvement plans.
Attachment #557974 - Flags: review?(bsmith)
I need to integrate ldns as libunbound depends on it. I'm going to do it in my own bug for now, bug 773365.
Closing this bug as WONTFIX until it's clear we have an active use for this library.
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: