dnsbase
Copyright(c) Viktor Dukhovni 2020
LicenseBSD-3-Clause
Maintainerietf-dane@dukhovni.org
Stabilityexperimental
Safe HaskellNone
LanguageGHC2024

Net.DNSBase.EDNS.Option.Secalgs

Description

RFC 6975 specifies a way for validating end-system resolvers to signal to a server which digital signature and hash algorithms they support. This signalling does not alter server behaviour, rather it just provides a means to server operators to collect data on client algorithm support to assist in planning future algorithm selection.

The format of the associated EDNS options is defined in RFC6975, Section 3 as follows:

 0                       8                      16
 +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
 |                  OPTION-CODE                  |
 +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
 |                  LIST-LENGTH                  |
 +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
 |       ALG-CODE        |        ...            /
 +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+

i.e. a 16-bit count, followed by a sequence of 8-bit algorithm numbers.

The use of SHA-1 in NSEC3 is essentially light-weight obfuscation to discourage casual zone walking. Implementation and adoption of successor algorithms seems unlikely, and would in also be most counter-productive. Therefore, while the N3U option is defined here, it is best left unused. As of February 2020, the IANA registry of NSEC3 hash algorithms lists just SHA-1:

ValueDescriptionReference
0Reserved[RFC5155]
1SHA-1[RFC5155]
2-255Unassigned

This is not expected to change.

Synopsis

Documentation

newtype O_dau Source #

DNSSEC Algorithm Understood (RFC6975).

Constructors

O_DAU [DNSKEYAlg] 

Instances

Instances details
KnownEdnsOption O_dau Source # 
Instance details

Defined in Net.DNSBase.EDNS.Option.Secalgs

Associated Types

type OptionExtensionVal O_dau 
Instance details

Defined in Net.DNSBase.EDNS.Option.Secalgs

type OptionExtensionVal O_dau = ()

Methods

optionExtensionVal :: forall b -> b ~ O_dau => OptionExtensionVal O_dau Source #

optNum :: forall b -> b ~ O_dau => OptNum Source #

optPres :: forall b -> b ~ O_dau => Builder -> Builder Source #

optEncode :: forall s r. (Typeable r, Eq r, Show r) => O_dau -> SPut s r Source #

optDecode :: forall b -> b ~ O_dau => OptionExtensionVal b -> Int -> SGet EdnsOption Source #

Presentable O_dau Source # 
Instance details

Defined in Net.DNSBase.EDNS.Option.Secalgs

Methods

present :: O_dau -> Builder -> Builder Source #

presentLazy :: O_dau -> ByteString -> ByteString Source #

Show O_dau Source # 
Instance details

Defined in Net.DNSBase.EDNS.Option.Secalgs

Methods

showsPrec :: Int -> O_dau -> ShowS #

show :: O_dau -> String #

showList :: [O_dau] -> ShowS #

Eq O_dau Source # 
Instance details

Defined in Net.DNSBase.EDNS.Option.Secalgs

Methods

(==) :: O_dau -> O_dau -> Bool #

(/=) :: O_dau -> O_dau -> Bool #

type OptionExtensionVal O_dau Source # 
Instance details

Defined in Net.DNSBase.EDNS.Option.Secalgs

type OptionExtensionVal O_dau = ()

newtype O_dhu Source #

DS Hash Understood (RFC6975).

Constructors

O_DHU [DSHashAlg] 

Instances

Instances details
KnownEdnsOption O_dhu Source # 
Instance details

Defined in Net.DNSBase.EDNS.Option.Secalgs

Associated Types

type OptionExtensionVal O_dhu 
Instance details

Defined in Net.DNSBase.EDNS.Option.Secalgs

type OptionExtensionVal O_dhu = ()

Methods

optionExtensionVal :: forall b -> b ~ O_dhu => OptionExtensionVal O_dhu Source #

optNum :: forall b -> b ~ O_dhu => OptNum Source #

optPres :: forall b -> b ~ O_dhu => Builder -> Builder Source #

optEncode :: forall s r. (Typeable r, Eq r, Show r) => O_dhu -> SPut s r Source #

optDecode :: forall b -> b ~ O_dhu => OptionExtensionVal b -> Int -> SGet EdnsOption Source #

Presentable O_dhu Source # 
Instance details

Defined in Net.DNSBase.EDNS.Option.Secalgs

Methods

present :: O_dhu -> Builder -> Builder Source #

presentLazy :: O_dhu -> ByteString -> ByteString Source #

Show O_dhu Source # 
Instance details

Defined in Net.DNSBase.EDNS.Option.Secalgs

Methods

showsPrec :: Int -> O_dhu -> ShowS #

show :: O_dhu -> String #

showList :: [O_dhu] -> ShowS #

Eq O_dhu Source # 
Instance details

Defined in Net.DNSBase.EDNS.Option.Secalgs

Methods

(==) :: O_dhu -> O_dhu -> Bool #

(/=) :: O_dhu -> O_dhu -> Bool #

type OptionExtensionVal O_dhu Source # 
Instance details

Defined in Net.DNSBase.EDNS.Option.Secalgs

type OptionExtensionVal O_dhu = ()

newtype O_n3u Source #

NSEC3 Hash Understood (RFC6975).

Constructors

O_N3U [NSEC3HashAlg] 

Instances

Instances details
KnownEdnsOption O_n3u Source # 
Instance details

Defined in Net.DNSBase.EDNS.Option.Secalgs

Associated Types

type OptionExtensionVal O_n3u 
Instance details

Defined in Net.DNSBase.EDNS.Option.Secalgs

type OptionExtensionVal O_n3u = ()

Methods

optionExtensionVal :: forall b -> b ~ O_n3u => OptionExtensionVal O_n3u Source #

optNum :: forall b -> b ~ O_n3u => OptNum Source #

optPres :: forall b -> b ~ O_n3u => Builder -> Builder Source #

optEncode :: forall s r. (Typeable r, Eq r, Show r) => O_n3u -> SPut s r Source #

optDecode :: forall b -> b ~ O_n3u => OptionExtensionVal b -> Int -> SGet EdnsOption Source #

Presentable O_n3u Source # 
Instance details

Defined in Net.DNSBase.EDNS.Option.Secalgs

Methods

present :: O_n3u -> Builder -> Builder Source #

presentLazy :: O_n3u -> ByteString -> ByteString Source #

Show O_n3u Source # 
Instance details

Defined in Net.DNSBase.EDNS.Option.Secalgs

Methods

showsPrec :: Int -> O_n3u -> ShowS #

show :: O_n3u -> String #

showList :: [O_n3u] -> ShowS #

Eq O_n3u Source # 
Instance details

Defined in Net.DNSBase.EDNS.Option.Secalgs

Methods

(==) :: O_n3u -> O_n3u -> Bool #

(/=) :: O_n3u -> O_n3u -> Bool #

type OptionExtensionVal O_n3u Source # 
Instance details

Defined in Net.DNSBase.EDNS.Option.Secalgs

type OptionExtensionVal O_n3u = ()