Provide a domain and a TXT content flag you want to discover and then verify all the way to ICANN.
On boom.fyi
, we have a TXT record with data-cert=hello_world
domain = "boom.fyi"
Collect data for our target TXT record flag (including all sigs etc). Then collect data for the entire chain back to root.
chain_data = collect_record(domain, 'data-cert=')
chain_data = collect_chain_data(domain, chain_data)
This all is stored off in chain_data.json
Now, verify.
verify_chain(domain, data)
Finally, it makes sure the last step was signed by keys that came from the root we already know. Stored in root_rrset.json
Since no exceptions were thrown, we’ll finally show what the value of our flag was set to:
show_verified_message(domain, data)