Are there any plans to add support for the DNSSEC related RR types to the DNS resolver built into Tor? Ie, DNSKEY, RRSIG, DS, NSEC and NSEC3? If not, I think it would be a good thing to add, now the root zone and major top level zones have been signed, browsers are starting to experiment with using DNSSEC signed certificates. If the SSHFP RR type is added too, people who use OpenSSH with the VerifyHostKeyDNS option can benefit from public key verification when SSH'ing into a box for the first time, over Tor. Whilst I'm here, I may as well request MX and AAAA support too I guess. MX for people who want to run mailservers from inside Tor. You could argue against AAAA support because Tor doesn't support IPv6 yet, but I'm just asking for it for completeness more than anything. -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tor-talk mailing list tor-talk@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk