[Cryptech Tech] Some problems with the repo access
Randy Bush
randy at psg.com
Sat Feb 15 00:23:41 UTC 2014
> _443._tcp.cryptech.is. IN CNAME ca.hactrn.net.
>
> ca.hactrn.net has a TLSA RR containing the issuing CA certificate with
> appropriate TLSA flag bits, so just adding the above CNAME should work.
>
> The last couple of messages on the thread were discussing
> optimizations that don't affect what you'd put in the CNAME.
and, for those of us wishing to use the hack on other zones with other
certs, what is at ca.hactrn.net?
randy
More information about the Tech
mailing list