Hi, Is there any chance that a new export option could be added (alongside or instead of export-dane) to output "modern" Bind9 zonefile syntax (i.e. "OPENPGPKEY" rather than "TYPE61 \# 2193", and base64 rather than hexadecimal)?
I suppose it's not important. It's just prettier. But since DNS query tools like host and dig output OPENPGPKEY records in base64, it would make it easier to compare their output against gpg's output. The reason I'm asking is that DNSSEC is so easy to implement these days (at least with the new debian-11 which has bind-9.16+), and I've just written a DANE management tool that makes DANE easy to implement. So far it only handles TLSA and SSHFP. I'd like to add support for OPENPGPKEY (i.e. calling gpg to produce the record, and calling host to check that it's published). I could (and probably will) get it to transform gpg's output itself, but I thought I'd ask. cheers, raf _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
