Files
bind9/bin/tests/system/dnssec
Mark Andrews 3d642f46f2 dnssec/signer/general: Replace RSASHA1 keys with RSASHA512 keys
RSASHA1 is verify only in FIPS mode. Use RSASHA256 instead.

(cherry picked from commit 9c6de6d12d)
2022-10-03 13:28:25 +02:00
..
2022-06-08 13:34:19 +02:00
2022-10-03 13:19:33 +02:00

Copyright (C) Internet Systems Consortium, Inc. ("ISC")

SPDX-License-Identifier: MPL-2.0

This Source Code Form is subject to the terms of the Mozilla Public
License, v. 2.0.  If a copy of the MPL was not distributed with this
file, you can obtain one at https://mozilla.org/MPL/2.0/.

See the COPYRIGHT file distributed with this work for additional
information regarding copyright ownership.

The test setup for the DNSSEC tests has a secure root.

ns1 is the root server.

ns2 and ns3 are authoritative servers for the various test domains.

ns4 is a caching-only server, configured with the correct trusted key
for the root.

ns5 is a caching-only server, configured with the an incorrect trusted
key for the root.  It is used for testing failure cases.

ns6 is an caching and authoritative server used for testing unusual
server behaviors such as disabled DNSSEC algorithms.

ns7 is used for checking non-cacheable answers.

ns8 is a caching-only server, configured with unsupported and disabled
algorithms.  It is used for testing failure cases.

ns9 is a forwarding-only server.