[bind10-dev] tentative results of 1696 (system-level testing of examples in 5155)
Jelte Jansen
jelte at isc.org
Wed Feb 22 12:15:15 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hiya,
I have not completely finished the ticket, but I wanted to share
intermediate results, as one test pointed out a bug in the general
DNSSEC handling:
When constructing a wildcard response, the RRSIG of the wildcard is
not added to the answer section (triggered by the example in 5155
appendix B.4). It occurs both on NSEC and NSEC3 zones. I submitted
ticket #1701 for this, and put it into this sprint (oooh).
All other tests succeeded.
I did notice (also for B.4), that on wildcard responses, bind9 seems
to add another NSEC3 record to the auth section. But have not really
looked much into this.
(if you want to see bind9 answer, that example zone is currently
served on ns.tjeb.nl, but I'll probably remove it again somewhere soonish)
Jelte
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk9E3FMACgkQ4nZCKsdOncWtYgCdF5TcfiLFMAvKtTHHoP1K9lmz
O+wAn0pSfsMBozg649NaSdCaNTYLYKl3
=zb5V
-----END PGP SIGNATURE-----
More information about the bind10-dev
mailing list