User Tools

Site Tools


98hackathon

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
98hackathon [2017/03/29 15:05]
bortzmeyer DNS-over-TLS result
98hackathon [2017/04/12 20:24] (current)
eckelcu_cisco.com [Meeting Materials]
Line 49: Line 49:
        * Request to be added to IETF Github organization by sending your Github ID to Charles Eckel <​eckelcu@cisco.com>​        * Request to be added to IETF Github organization by sending your Github ID to Charles Eckel <​eckelcu@cisco.com>​
      * [[https://​isoc.app.box.com/​v/​IETFHackathon-201703|Hackathon Photos]]      * [[https://​isoc.app.box.com/​v/​IETFHackathon-201703|Hackathon Photos]]
 +     * [[https://​communities.cisco.com/​community/​developer/​opensource/​blog/​2017/​04/​12/​ietf-98-hackathon-in-chicago-improves-internet-through-running-code|Summary Blogpost]]
  
 ---- ----
Line 142: Line 143:
      * DBUS API and nss-resolv support for Stubby [[https://​getdnsapi.net/​presentations/​stubby-nanog68.pdf]]      * DBUS API and nss-resolv support for Stubby [[https://​getdnsapi.net/​presentations/​stubby-nanog68.pdf]]
      * Asyncio support in getdns Python binding      * Asyncio support in getdns Python binding
-     * DNS-over-TLS service monitoring (e.g. [[https://​www.monitoring-plugins.org/​|Nagios]] plug-in). Using [[https://​getdnsapi.net/​|getdns]] seems a reasonable choice (or the [[https://​miek.nl/​2014/​August/​16/​go-dns-package/​|Go DNS librray]] since Go has a good TLS package?). Must be able to specify: expiration date for the cert (like the check_http plugin), the qname, qtype, the pinned key... Bonus: being able to test the TLS configuration (no weak cipher, etc) [[http://​www.bortzmeyer.org/​monitor-dns-over-tls.html][this article]] summarizes the result of this sub-project.+     * DNS-over-TLS service monitoring (e.g. [[https://​www.monitoring-plugins.org/​|Nagios]] plug-in). Using [[https://​getdnsapi.net/​|getdns]] seems a reasonable choice (or the [[https://​miek.nl/​2014/​August/​16/​go-dns-package/​|Go DNS librray]] since Go has a good TLS package?). Must be able to specify: expiration date for the cert (like the check_http plugin), the qname, qtype, the pinned key... Bonus: being able to test the TLS configuration (no weak cipher, etc) [[http://​www.bortzmeyer.org/​monitor-dns-over-tls.html|this article]] summarizes the result of this sub-project.
      * TLS chain extension (draft-ietf-tls-dnssec-chain-extension-01)      * TLS chain extension (draft-ietf-tls-dnssec-chain-extension-01)
      * IPv6-only prefix discovery for DNS64 (RFC 7050)      * IPv6-only prefix discovery for DNS64 (RFC 7050)
98hackathon.1490799919.txt.gz ยท Last modified: 2017/03/29 15:05 by bortzmeyer