- SWEDE - tools to create and verify TLSA (DANE) records
+ SWEDE - a tool to create and verify TLSA (DANE) records
================================================================================
Swede aims to provide a one-stop solutions to create and test TLSA records.
FEATURES
--------------------------------------------------------------------------------
-- Creation of all 18 permutations of TLSA records
-- Output in draft and RFC format
+- Creation of all 24 permutations of TLSA records
+- Output in generic and RFC format
- Ability to load certificates from disk to create records from
- Verify TLSA records 'in the field' with the certificates offered by the TLS
service running on the server
swede verify ulthar.us
TODO
--------------------------------------------------------------------------------
-- Creation tool that checks the CN in the Subject of the certificate
-- IPv6 support (M2Crypto doesnt support it at the moment)
+- Create and verify should check the CN in the Subject of the certificate
+- The verification for usage 2 is _VERY_ naive
- Creation tool that does an AXFR for a full zone, collects all hostnames, gets
the certificates (or the CA certificate from the commandline) and creates all
TLSA records.