[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: crypto-keys and cmdinfo

thanks for the help. I only worked on it to get it running for the demo and I did try to make it a proper release. :S

On 20 September 2012 13:36, Anil Madhavapeddy <anil@xxxxxxxxxx> wrote:
I've started porting Haris' excellent crypto_keys library to be suitable for release. ÂThere is proper command-line parsing and man page generation now, thanks to this amazing library:


Anyone wants to try it, install OPAM from http://github.com/OCamlPro/opam, and add the Mirage dev repository:

$ eval `opam config -env`
$ opam remote -add dev git://github.com/mirage/opam-repo-dev
$ opam install crypto_keys

This doesnt actually install the binaries yet, but it gets all the dependencies in place, so you can clone mirage/ocaml-crypto-keys and have it compile very easily, for a change!

Haris, I've got the DNSSEC-to-SSH converter working, but it looks you are currently resolving DS records directly into SSH public keys, right? ÂShould we also look for the SSHFP and use those in preference to DS, if specified?

yes I haven't yet looked that kind of record, but it is a big isueÂto incorporate them. The main issue there is the dns library that needs to add the parsing capability, and the rest should be straightforward.Â

By the way, with this library I had a problem to use it as a library in signpost. If I used the library the program wouldÂsegfault and debugging didn't gave me a progammatic reason. As a result, I was the command line tool to generate keys. My conlusion was that the problem had something to do with the c-ocaml binding with the ssl library. ÂI need to try it again now, as I am thinking that this might be some bad memory handling code in c. Â


Charalampos Rotsos
PhD student
The University of Cambridge
Computer Laboratory
William Gates Building
JJ Thomson Avenue

Phone: +44-(0) 1223 767032
Email: cr409@xxxxxxxxxxxx



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.