[Opendnssec-develop] KASP Auditor Requirements
Jelte Jansen
jelte at NLnetLabs.nl
Thu Apr 23 13:34:22 UTC 2009
Rickard Bondesson wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> *****
> 2.2. The KA should be able to accept the input zone data in the form of:
> a. A zone file.
> b. An AXFR.
> 2.4. The KA must be able to accept the output zone data in the form of:
> a. A zone file.
> b. An AXFR.
> *****
>
> I haven't check how the Signer Engine handles the zones, but it would be nice to have hooks into the internal zone data rather than implementing I/O adapters for the KA. Now it is specified as a bump on the road, but that is perhaps how we want it?
>
at the moment, it doesn't have a representation of the zone, only an input file
name, an output file name, and a zone name. Zone content handling is done by the
tools, which use text-in-text-out. Technically the originial idea was to
directly pipe from the input file all the way to the output file, but for
efficiency reasons (call it a cache), intermediate sorted and signed zone files
are also stored.
(of course this is all for the first version)
one way i could easily sneak in AXFR (both in and out) is to still use those
files, and write two little mini-daemons that 'do' the axfr from/to those files.
Jelte
More information about the Opendnssec-develop
mailing list