[bind10-dev] tentative results of 1696 (system-level testing of examples in 5155)
JINMEI Tatuya / 神明達哉
jinmei at isc.org
Thu Feb 23 19:26:44 UTC 2012
At Wed, 22 Feb 2012 13:15:15 +0100,
Jelte Jansen <jelte at isc.org> wrote:
> I did notice (also for B.4), that on wildcard responses, bind9 seems
> to add another NSEC3 record to the auth section. But have not really
> looked much into this.
That's probably an old bug, maybe this one?
3175. [bug] Fix how DNSSEC positive wildcard responses from a
NSEC3 signed zone are validated. Stop sending a
unnecessary NSEC3 record when generating such
responses. [RT #26200]
If I test it with a very recent one (a recent head CVS repo version)
BIND 9 returns the correct answer.
---
JINMEI, Tatuya
More information about the bind10-dev
mailing list