[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Contributing to GNUnet
From: |
Tanguy Le Carrour |
Subject: |
Re: Contributing to GNUnet |
Date: |
Sat, 14 Mar 2020 12:00:17 +0100 |
Hi Martin,
Le 03/13, Schanzenbach, Martin a écrit :
> > On 13. Mar 2020, at 18:32, Tanguy Le Carrour <address@hidden> wrote:
> > Le 03/10, Tanguy Le Carrour a écrit :
> >> Le 03/09, Christian Grothoff a écrit :
> >>> 2) try adding a TLSA record for gnunet.org to GNS, thereby avoiding
> >>> the use of Letsencrypt and really directly verifying via GNS.
> >> I'll try this and let you know, thanks!
> > So, I did my homework, used a generator [1][] and ended up with this:
> > ```
> > _443._tcp.gnunet.org. IN TLSA 3 1 1
> > 26145f39399c7625a95d290bde5731566a81e1cbe6baf84f37ba60b333b05939
> > ```
> > [1]: https://www.huque.com/bin/gen_tlsa
> > So I now have:
> > ```
> > $ gnunet-namestore -z myself -a -e "1 d" -p -t TLSA -n gnunet -V "3 1 1
> > 26145f39399c7625a95d290bde5731566a81e1cbe6baf84f37ba60b333b05939"
> > $ gnunet-gns --type ANY --lookup gnunet.myself
> > gnunet.myself:
> > Got `TLSA' record: 3 1 1
> > 26145f39399c7625a95d290bde5731566a81e1cbe6baf84f37ba60b333b05939
> > Got `LEHO' record: gnunet.org
> > Got `A' record: 131.159.74.67
> > ```
> > I didn't know where to put the `_443._tcp` part. `gnunet-namestore`
> > complained
> > about the name containing a `.`.
> > There's something in the doc [2][] about `_port._proto.`, but it's for
> > BOX records only.
>
> Indeed, instead of a TLSA records, for GNS, you should add a box record that
> contains a TLSA record. Like so:
> $ gnunet-namestore -z myself -a -e "1 d" -p -t BOX -n gnunet -V "6 443 3 1 1
> 26145f39399c7625a95d290bde5731566a81e1cbe6baf84f37ba60b333b05939"
> 6 is the protocol (tcp), 443 is the service (https).
Unfortunately…
```
$ gnunet-namestore -z myself -a -e "1 d" -p -t BOX -n gnunet -V "6 443 3 1 1
26145f39399c7625a95d290bde5731566a81e1cbe6baf84f37ba60b333b05939"
Value `6 443 3 1 1
26145f39399c7625a95d290bde5731566a81e1cbe6baf84f37ba60b333b05939' invalid for
record type `BOX'
$ gnunet-namestore --version
gnunet-namestore v0.12.2 release
```
>From the code [1][], I could not guess what the correct format should be.
[1]: src/gnsrecord/plugin_gnsrecord_dns.c:656
src/include/gnunet_gnsrecord_lib.h:297
> Still I wonder why you actually need that...
As Christian said, this might not be the cause of the problem, but it's part of
the investigation.
Anyway, thanks for your time!
--
Tanguy
- Contributing to GNUnet, Tanguy Le Carrour, 2020/03/04
- Re: Contributing to GNUnet, Christian Grothoff, 2020/03/04
- Re: Contributing to GNUnet, Schanzenbach, Martin, 2020/03/04
- Re: Contributing to GNUnet, Tanguy Le Carrour, 2020/03/05
- Re: Contributing to GNUnet, Tanguy Le Carrour, 2020/03/09
- Re: Contributing to GNUnet, Christian Grothoff, 2020/03/09
- Re: Contributing to GNUnet, Tanguy Le Carrour, 2020/03/10
- Re: Contributing to GNUnet, Christian Grothoff, 2020/03/10
- Re: Contributing to GNUnet, Tanguy Le Carrour, 2020/03/13
- Re: Contributing to GNUnet, Schanzenbach, Martin, 2020/03/13
- Re: Contributing to GNUnet,
Tanguy Le Carrour <=
- Re: Contributing to GNUnet, Schanzenbach, Martin, 2020/03/14
- Re: Contributing to GNUnet, Tanguy Le Carrour, 2020/03/14
- Re: Contributing to GNUnet, Schanzenbach, Martin, 2020/03/14
- Re: Contributing to GNUnet, Tanguy Le Carrour, 2020/03/14
- Re: Contributing to GNUnet, Martin Schanzenbach, 2020/03/14
- Re: Contributing to GNUnet, Martin Schanzenbach, 2020/03/14
- Re: Contributing to GNUnet, Tanguy Le Carrour, 2020/03/20