Hi again Seo, I've published my fork of Tor with support for publishing CAA records: https://github.com/as207960/tor. There's also now a hidden service at znkiu4wogurrktkqqid2efdg4nvztm7d2jydqenrzeclfgv3byevnbid.onion with CAA records in its hidden service descriptor.
Thanks, Q ------------------------------ Any statements contained in this email are personal to the author and are not necessarily the statements of the company unless specifically stated. AS207960 Cyfyngedig, having a registered office at 13 Pen-y-lan Terrace, Caerdydd, Cymru, CF23 9EU, trading as Glauca Digital, is a company registered in Wales under № 12417574 <https://find-and-update.company-information.service.gov.uk/company/12417574>. ICO register №: ZA782876 <https://ico.org.uk/ESDWebPages/Entry/ZA782876>. UK VAT №: GB378323867. EU VAT №: EU372013983. Turkish VAT №: 0861333524. South Korean VAT №: 522-80-03080. Glauca Digital and the Glauca logo are registered trademarks in the UK, under № UK00003718474 and № UK00003718468, respectively. On Sun, 23 Apr 2023 at 22:12, Q Misell <[email protected]> wrote: > Hi Seo, > > Thanks for the feedback. > > I copy pasted the list of logs into my code from > https://github.com/google/certificate-transparency-community-site/blob/master/docs/google/known-logs.md, > it would probably be a good idea to delete the old logs. > > The SERVFAIL response is non very clear, agreed. I'll improve my error > handling there. > > In my testing, adding new records to the first layer descriptor doesn't > bother the current Tor project tor implementation (seemingly the only one > anyone ever uses). > I'm still working on patching the tor router to add support for defining > CAA but I'll definitely put up a few test services with different > configurations once that's done. > > Thanks, > Q > ------------------------------ > > Any statements contained in this email are personal to the author and are > not necessarily the statements of the company unless specifically stated. > AS207960 Cyfyngedig, having a registered office at 13 Pen-y-lan Terrace, > Caerdydd, Cymru, CF23 9EU, trading as Glauca Digital, is a company > registered in Wales under № 12417574 > <https://find-and-update.company-information.service.gov.uk/company/12417574>. > ICO register №: ZA782876 <https://ico.org.uk/ESDWebPages/Entry/ZA782876>. > UK VAT №: GB378323867. EU VAT №: EU372013983. Turkish VAT №: 0861333524. > South Korean VAT №: 522-80-03080. Glauca Digital and the Glauca logo are > registered trademarks in the UK, under № UK00003718474 and № UK00003718468, > respectively. > > > On Sun, 23 Apr 2023 at 14:27, Seo Suchan <[email protected]> wrote: > >> google's solera 2018~2022 are no longer accept new record. solera ct log >> is sharded by notafter day of incoming certificates, so only log able to >> use currently be 2023 (assume 90 day certificate) >> >> when I ran you client for onion-csr without having hosted onion hidden >> service, server returned caa servfail, not sure this is right response >> for such (not yet hosted) domain: NXdomain or dedicated error code looks >> better. >> >> not sure how one can add a format in first layer like in 5.3 without >> breaking old tor client implementations. could make a hidden service >> with caa-critical online? >> >> P.S didn't notice you already posted v 02 of this draft. >> >> 2023-04-21 오전 7:04에 Q Misell 이(가) 쓴 글: >> > Hi all, >> > >> > Thanks for all your feedback over my draft. I've incorporated your >> > comments into a new draft, and published this. >> > >> > I've also finished my reference implementation of the draft, more >> > details available at https://acmeforonions.org. I'd be delighted if >> > you'd try it out and let me know what you think. >> > >> > Thanks, >> > Q >> > >> > _______________________________________________ >> > Acme mailing list >> > [email protected] >> > https://www.ietf.org/mailman/listinfo/acme >> >> _______________________________________________ >> Acme mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/acme >> >
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
