Opened 14 months ago

Last modified 7 months ago

#6665 enhancement new

Implement dns.Record_RRSIG record class

Reported by: rwall Owned by: rwall
Priority: normal Milestone: DNSSEC_Client
Component: names Keywords:
Cc: Branch: branches/rrsig-record-6665-2
(diff, github, buildbot, log)
Author: rwall Launchpad Bug:

Description

Implement only the RRSIG record type and tests.

Add an example RRSIG record to

Build upon one of the implementations attached to #4610 and #5454 or combine the two.

#5454 includes a new RRSIG lookup method. That can be deferred to another ticket.

#4610 includes extra methods for validation of signatures. That can also be deferred to another ticket.

See:

wiki:EDNS0#NewDNSSECRecordsandLookupMethods
#5454
#4610

https://tools.ietf.org/html/rfc4034#section-2

Change History (10)

comment:1 follow-up: Changed 13 months ago by v_for_vincent

  • Owner set to v_for_vincent
  • Status changed from new to assigned

I'd like to take a crack at this. I'm new to Twisted and I'm hoping to familiarize myself with the framework by closing some tickets. I'd appreciate it if someone could check up on my contributions from time to time.

comment:2 in reply to: ↑ 1 Changed 13 months ago by rwall

Replying to v_for_vincent:

I'd like to take a crack at this. I'm new to Twisted and I'm hoping to familiarize myself with the framework by closing some tickets. I'd appreciate it if someone could check up on my contributions from time to time.

Great. I've been working on the EDNS(0) and DNSSEC things lately and your help will be greatly appreciated.

Take a look at #6664 first which will give you an idea of what needs changing.

You'll need to take what was contributed by BobNovas in #5454 and extract just the rrsig record part. Then add more tests and documentation.

I've already separated out the Serial Number Arithmetic parts in #6672 - so take a look at that branch too because I think it will be needed to complete this RRSIG ticket.

Also see wiki:EDNS0 for the rough plan of action.

I'm rwall in #twisted and #twisted-dev if you want to discuss.

comment:3 Changed 12 months ago by rwall

  • Author set to rwall
  • Branch set to branches/rrsig-record-6665

(In [40138]) Branching to 'rrsig-record-6665'

comment:4 Changed 10 months ago by rwall

  • Milestone set to DNSSEC: Security Aware, Validating Client

comment:5 Changed 10 months ago by rwall

  • Owner changed from v_for_vincent to rwall
  • Status changed from assigned to new

comment:6 Changed 10 months ago by rwall

  • Status changed from new to assigned

comment:7 Changed 10 months ago by rwall

  • Branch changed from branches/rrsig-record-6665 to branches/rrsig-record-6665-2

(In [40814]) Branching to 'rrsig-record-6665-2'

comment:8 Changed 10 months ago by rwall

  • Keywords review added
  • Owner rwall deleted
  • Status changed from assigned to new

Ready for review in log:branches/rrsig-record-6665

  • Duplicated most of the stuff I've done for #6664
  • I've only implemented the fields and encoding / decoding parts
  • Whatever changes come up when #6664 gets reviewed and merged, I'll apply here too.

Build Results:

comment:9 Changed 7 months ago by glyph

  • Keywords review removed
  • Owner set to rwall

Hi rwall, very sorry to bounce this back to you, especially after 3 months, but do you think you could merge forward and clean up the conflicts so the buildbot can deal with this properly?

In the meanwhile here are some other comments:

  1. twisted.names.client.lookupRRSIG needs a docstring.
  2. The links are good, but a little bit of background on what an RRSIG record is wouldn't hurt.
  3. Just a minor nitpick, I think the test names that are test_isomethingInterface should just be test_somethingInterface; the I prefix just means Interface after all.

Otherwise, given my somewhat limited understanding of what RRSIG is and does, this looks pretty good. What exactly is the "duplication" with #6664?

comment:10 Changed 7 months ago by rwall

(In [41756]) Merge serial-number-arithmetic-6672

Author: BobNovas, rwall
Reviewers: exarkun, glyph
Fixes: #6672
Refs: #5454, #6665

A private Serial Number Arithmetic module for manipulating Serial Numbers
defined in RFC1982. This will be used for comparison of DNS zone serial numbers
and RRSIG inception dates.

Note: See TracTickets for help on using tickets.