[dns-operations] [Ssh] Is anyone actually using SSHFP records?
Phillip Hallam-Baker
phill at hallambaker.com
Wed Feb 26 22:52:20 UTC 2025
On Wed, Feb 26, 2025 at 4:57 PM Damien Miller <djm at mindrot.org> wrote:
> On Wed, 26 Feb 2025, Phillip Hallam-Baker wrote:
>
> > I am currently taking a hard look at mechanisms for using DNS Handles as
> a
> > means for exchange of authenticated and non-authenticated contact
> > information via JSContact.
> >
> > As part of that, I wanted to know if there was any *existing* use of the
> > SSHFP record for publishing SSH credentials and if so whether it was
> limited
> > to the server. And yes, I can read the specs, what I am asking about is
> > actual practice.
>
> AFAIK there is a relatively small but passionate community of users.
>
> Maybe someone is doing telemetry of RR types that you could consult
> to get an objective measure.
>
Small but passionate is sufficient for this purpose. My goal here is to
break as little
as possible.
There are some DNS records that are clearly best left forgotten. If the
response was
of the form 'yeah we tried that and there is some software out there that
explodes if
it sees one', well best not.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20250226/b0debd0d/attachment-0001.html>
More information about the dns-operations
mailing list