AW: Roadmap for DNSSEC signing/automation?

[Tony Finch]

Stelzner, Tore <tore.stelzner at hrz.tu-darmstadt.de> wrote:
>
> For KSK updates and rollovers we use some scripts by a third company
> that work with the API of the domain reseller. At the moment it seems to
> be very specific for the API of this reseller and so nothing to share.

What I would like is a set of tools with a common user interface that can
talk to all sorts of parents with their various proprietary APIs -
registries, registrars, RIRs, ISPs, etc. The hope being that a common CLI
framework makes it easier / more useful to share these API clients (and
reduces the friction for changing suppliers).

I have about 10% of a thing that can talk to 2 of the 3 such suppliers I
currently care about (JANET and RIPE), plus two I used to care about
(Gandi and Nominet EPP). I'm not working on it until either dnssec-keymgr
can do KSK rollovers, or renaming my DNS servers gets to the top of my
priority list...

Tony.
-- 
f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/  -  I xn--zr8h punycode
Trafalgar: Southwesterly, veering westerly, 4 or 5 at first in southeast,
otherwise 6 to gale 8, increasing severe gale 9 at times in northwest.
Moderate at first in southeast, otherwise rough or very rough, occasionally
high later in northwest. Rain then showers. Good occasionally poor.