== nginx and openssl ==
Patches that add DNSSEC-TLS functionality to nginx 1.0.4 and openssl-1.0.0d can be found in the repository (see below). This requires the generation of a dnssec chain file (see the "ssl_dnssec_chain" option in The webserver 'nginx's conf/nginx.conf). The code to do this is also in the repository (see "generate.c"). Of course, this is useless without a client that also supports this functionality. A simple telnet-like client has been modified to send DNSSEC chains as a proof TLS extension. The details of concept (client.c). There is also how to set up such a patch that adds preliminary support for this mechanism in Firefox (as a patch on the mozillamodified server are [[Security/DNSSEC-TLS-central branch)nginx here]].
== Code Repository ==
Preliminary code for this project can be found [http://hg.mozilla.org/users/dkeeler_mozilla.com/dnssec-tls/ here].
