On Oct 12, 2018, at 12:18 PM, Evilham <contact@evilham.com> wrote:

Dear Twisted people,

I've been taking a good look at twisted.names as a sever after checking
twisted-infra/braid/services/names and how the zones are saved.

The way the zones are saved there is fairly primitive.  It would be nice if we had a more robust backend; in particular I'd love it if we had a DNS API so that e.g. https://github.com/glyph/lancer could talk to something on twistedmatrix.com to provision HTTPS certificates via the LE DNS-01 challenge.

Basically, I wonder what the state-of-afairs of running DNS with twisted is.

We run it on production on twistedmatrix.com and that site sees plenty of DNS traffic :-).

By checking the code I see a couple things like:
* That zone transfers are enabled by default and open to any host and
only subclassing would help override that (it is the case on
twistedmatrix.com btw).

It would certainly be nice if this were controllable via a flag.  As you notice, this should be a ticket.

* Comments saying how some things are not RFC-compliant, but not how.

Some investigation into these comments to make them more specific would be good.

* That DNSSEC is not implemented

On the one hand, it would be great if someone would take the DNSSEC support already in various branches and get it over the finish line.  On the other, DNSSEC is bad (see <https://sockpuppet.org/blog/2015/01/15/against-dnssec/> for example), and is really not necessary to run a real-life DNS server or client, so it's a little difficult for various DNS-interested parties to get excited about it.  Nonetheless if people are going to do DNSSEC I'd rather they do it with Twisted than BIND, so if you could help integrate DNSSEC work that is a definite goal for the project!  So I hope somebody who disagrees with me about the utility of DNSSEC contributes to it.

Besides the 1st point which could be a ticket (should I open it?),

Yup :).

the
other points appear to be somewhat documented in the open tickets:
https://twistedmatrix.com/trac/query?status=assigned&status=new&status=reopened&component=names&group=priority&max=200&col=id&col=summary&col=status&col=owner&col=type&col=priority&col=milestone&order=priority

But I wonder if there is something like a roadmap that I haven't seen or
a very specific way to start helping on this front.

Right now the main thing we need is a motivated, interested maintainer to advance these goals.  This email sounds suspiciously like volunteering to be that :).

Basically, I'd hate to start working on sth and it overlapping with
someone else's work ;).

There's lots of other work in progress, but as you can see from most of them, most of this work is stalled.  I'm 100% sure that if you started working on some of these tickets, the people whose work you might duplicate would be overjoyed that someone had done that, so I don't think you need to worry about stepping on anyone's toes.

I checked a couple tickets, and see that there is definitely a need for
some cleanup, e.g. this one appears to be ready for closing
https://twistedmatrix.com/trac/ticket/5048
as it is marked as duplicate of a closed ticket.

Please go ahead and close it if you are reasonably sure of that!

Also, I recall this PR from early summer, which appears to have been
OK'd but is blocked by some failure in appveyor + buildbot:
https://github.com/twisted/twisted/pull/954

Sadly we don't have a queue of "already approved" tickets (that I know of and check, anyway) so if this is stuck, it would be best to put it back into review so it shows up on https://twisted.reviews/ and gets attention.

-glyph