Evilham writes:
Also, I recall this PR from early summer, which appears to have been OK'd but is blocked by some failure in appveyor + buildbot: https://github.com/twisted/twisted/pull/954
That one's mine. I've finally figured out the Twisted CI infrastructure well enough to get things marked green (and I have commit access now as well, thanks Glyph!), so that PR is really only waiting for me to read & consider some of the review feedback on public attribute names. Trac 9373 was my attempt to upstream work I did last year on secure dynamic dns updates (NSUPDATE + transaction signatures). 9373 has narrowed in scope to just the two RR types in PR 954, since there are older tickets for the other records. I plan to combine my work with some of the existing abandoned PRs for KEY, DNSKEY, and SIG and try to sheperd those through the process but that's on the back burner for now. Russ Nelson is/was also doing some work with Names and these RR types. I think he's interested in the server side of secure dyn-dns, but I'm not sure. (I was only working on a client implementation.) Both he and I have github forks with some of our work in branches, if you'd like to see the direction we've been going. As for DNSSEC, I've seen those arguments against it and I find them pretty unconvincing, but I suppose that's a topic for a different thread.