ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity

Ignore trust anchors using disabled algorithm

Browse Source 
More specifically: ignore configured trusted and managed keys that
match a disabled algorithm.  The behavioral change is that
associated responses no longer SERVFAIL, but return insecure.
This commit is contained in:
Matthijs Mekking
2019-01-15 11:32:53 +01:00
parent 07c35f32f9
commit 1d45ad8f39
18 changed files with 495 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
bin/tests/system/dnssec/README
View File

@@ -17,3 +17,6 @@ key for the root. It is used for testing failure cases.
ns6 is a caching-only server configured to use DLV.
ns7 is used for checking non-cacheable answers.
ns8 is a caching-only server, configured with unsupported and disabled
algorithms. It is used for testing failure cases.