David Blacka
e322186112
* Initial port to dnsjava 3.5.1 * java.util.Date -> java.time.Instant * for (Iterator ..) to for ( Object : List ) * DSRecord.<digest type> -> DNSSEC.Digest.<type> * source to java 8 * formatting overhaul; copyright; author * add slf4j jars for dnsjava 3.5.1 * NSEC/NSEC3 ttls are now min(soa.min, soa.ttl) * Upgrade to commons-cli-1.5; some linter fixes * Add CDS support of jdnssec-dstool * linter suggestions * add a TODO list * Add a TODO list
1.2 KiB
1.2 KiB
jdnssec-tools TODO List
This bit of code has been around since approximately 2005, and has been in "minimal maintenance" mode for much of that time. But that doesn't mean there aren't features that we want to do, if we could arrange time and attention. Here is a partial list:
- More feature parity with the current BIND 9 tools
- Support the "v1.3" private key format. This basically means supporting the timing parameters that BiND 9 added.
- Have
jdnssec-signzonesupport incremental signing, including key rollovers
- Rewrite
jdnssec-signzoneto use a "TreeMap" and arrange the data into a map of RRsets, rather than a sorted list of Record objects. This wouldn't be more efficient, but might be easier to understand. - Allow
jdnssec-signzoneto scale by either:- Allowing for pre-sorted zone data, and/or
- allowing for an external sort once the data is shown to be larger than X, and/or
- allowing for a memory-constrained internal sort that uses disk, and/or,
- figuring out how to let the JVM use a lot of memory.
- Add support for algorithm 16, perhaps refactor algorithm 15 support using bouncycastle.
- Note that our current dnsjava version, 3.5.1 has some support, although it isn't clear if it has sign/verify support.