David Blacka
e322186112
* Initial port to dnsjava 3.5.1 * java.util.Date -> java.time.Instant * for (Iterator ..) to for ( Object : List ) * DSRecord.<digest type> -> DNSSEC.Digest.<type> * source to java 8 * formatting overhaul; copyright; author * add slf4j jars for dnsjava 3.5.1 * NSEC/NSEC3 ttls are now min(soa.min, soa.ttl) * Upgrade to commons-cli-1.5; some linter fixes * Add CDS support of jdnssec-dstool * linter suggestions * add a TODO list * Add a TODO list
16 lines
1.2 KiB
Markdown
16 lines
1.2 KiB
Markdown
# jdnssec-tools TODO List
|
|
|
|
This bit of code has been around since approximately 2005, and has been in "minimal maintenance" mode for much of that time. But that doesn't mean there aren't features that we *want* to do, if we could arrange time and attention. Here is a partial list:
|
|
|
|
* More feature parity with the current BIND 9 tools
|
|
* Support the "v1.3" private key format. This basically means supporting the timing parameters that BiND 9 added.
|
|
* Have `jdnssec-signzone` support incremental signing, including key rollovers
|
|
* Rewrite `jdnssec-signzone` to use a "TreeMap" and arrange the data into a map of RRsets, rather than a sorted list of Record objects. This wouldn't be more efficient, but might be easier to understand.
|
|
* Allow `jdnssec-signzone` to scale by either:
|
|
* Allowing for pre-sorted zone data, and/or
|
|
* allowing for an external sort once the data is shown to be larger than X, and/or
|
|
* allowing for a memory-constrained internal sort that uses disk, and/or,
|
|
* figuring out how to let the JVM use *a lot* of memory.
|
|
* Add support for algorithm 16, perhaps refactor algorithm 15 support using bouncycastle.
|
|
* Note that our current dnsjava version, 3.5.1 has some support, although it isn't clear if it has sign/verify support.
|