> On 29 Aug 2021, at 16:14, Peter J. Philipp <[email protected]> wrote:
>
> On Sun, Aug 29, 2021 at 07:16:20AM -0600, Theo de Raadt wrote:
>> Is there a strong reason why this has to be in that specific library?
>
> Not really. I did see gnutls has dane functions and openssl has them too.
> I can stick to just rolling the needed functionality in the syslogd.
>
> Noone out there is doing this already right?
>
Hello,
I had started working on a standalone dane resolver based upon asr but I
decided not to move it forward:
OpenSSL has an interface for DANE and !OpenBSD projects are more likely to
implement that interface,
so I thought my plan of a standalone implementation would be inferior to a
LibreSSL implementation that
could be picked by ports and a libtls interface that could be picked by base
daemons.
I don’t have much code but I can share if you’re still interested.
