Proposed Standardized TXT format for certis #14

Open
trbouma opened this issue Feb 12, 2024 · 0 comments

trbouma commented Feb 12, 2024

Proposed standardized way to add public key information in a DNS TXT record
Use the URI scheme, so it can be easily parsed.

TXT record in the format of "cert:secp256k1/ecdsa?kid=02300d753f822691b63c0c79134aa2069c946768600a3fb32b6078b8209e75d203"

scheme is "cert"
path is curve/algorithm, e.g.: "secp256k1/ecdsa", "secp256k1/ecdsarecovery", "secp256k1/schnorr", etc.
query contains parameters, e.g. "kid" is hex encoded string of public key.

This allows any curve/algorithm to be easily specified, and the urllib library makes it easy to parse out any additional parameters, if required.

Also use _cert_ as standardized qualifier.

Code snippet on how to parse:

```python
# Example of how to parse a TXT Record
from urllib.parse import parse_qs
from urllib.parse import urlparse

# get record from DNS TXT record, e.g., _cert.example.com
certificate_record = "cert:secp256k1/ecdsa?kid=02300d753f822691b63c0c79134aa2069c946768600a3fb32b6078b8209e75d203"

parsed_record = urlparse(certificate_record)
parsed_dict = parse_qs(parsed_record.query)

# Note that parse_qs returns each parameter as a list, so need to take element [0]

print(parsed_record.path)
print(parsed_dict)
pubkey = parsed_dict['kid'][0]
```
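A stricter take on the parsing above, as an added example that is not part of the original issue or the project's code: a TXT record is untrusted input, so the parser rejects anything outside the proposed shape before the key is used. The function name `parse_cert_record`, the `CertRecordError` class, the closed allow-list built from the three algorithms the issue names, and the requirement that `kid` be a 33-byte compressed key (as in the issue's sample value) are assumptions.

```python
import re
from urllib.parse import parse_qs, urlparse

# Curve/algorithm pairs named in the proposal; treating them as a closed
# allow-list is an assumption of this example.
ALLOWED = {("secp256k1", "ecdsa"), ("secp256k1", "ecdsarecovery"), ("secp256k1", "schnorr")}

# Assumption: kid is a compressed SEC1 point (0x02/0x03 prefix + 32 bytes), hex encoded.
KID_RE = re.compile(r"0[23][0-9a-fA-F]{64}")


class CertRecordError(ValueError):
    """Raised when a TXT record does not match the proposed cert: format."""


def parse_cert_record(txt: str) -> dict:
    """Strictly parse a 'cert:' TXT record; return curve, algorithm and key bytes."""
    parsed = urlparse(txt.strip().strip('"'))
    if parsed.scheme != "cert":
        raise CertRecordError("scheme must be 'cert'")
    if parsed.netloc or parsed.fragment:
        raise CertRecordError("unexpected URI components")
    parts = parsed.path.split("/")
    if len(parts) != 2 or tuple(parts) not in ALLOWED:
        raise CertRecordError(f"unsupported curve/algorithm: {parsed.path!r}")
    try:
        params = parse_qs(parsed.query, strict_parsing=True)
    except ValueError as exc:
        raise CertRecordError("malformed query string") from exc
    # parse_qs returns a list per parameter; a repeated kid is ambiguous, so refuse it.
    kids = params.get("kid", [])
    if len(kids) != 1:
        raise CertRecordError("exactly one kid parameter is required")
    if not KID_RE.fullmatch(kids[0]):
        raise CertRecordError("kid is not a compressed secp256k1 public key")
    return {"curve": parts[0], "algorithm": parts[1], "kid": bytes.fromhex(kids[0])}
```

This checks only the encoding of the key, not that the point lies on the curve; that check belongs to the signature library that consumes the bytes.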