[bind10-dev] tentative results of 1696 (system-level testing of examples in 5155)
Jelte Jansen
jelte at isc.org
Fri Feb 24 15:30:27 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 02/23/2012 08:26 PM, JINMEI Tatuya / 神明達哉 wrote:
> At Wed, 22 Feb 2012 13:15:15 +0100, Jelte Jansen <jelte at isc.org>
> wrote:
>
>> I did notice (also for B.4), that on wildcard responses, bind9
>> seems to add another NSEC3 record to the auth section. But have
>> not really looked much into this.
>
> That's probably an old bug, maybe this one?
>
> 3175. [bug] Fix how DNSSEC positive wildcard responses from a
> NSEC3 signed zone are validated. Stop sending a unnecessary NSEC3
> record when generating such responses. [RT #26200]
>
> If I test it with a very recent one (a recent head CVS repo
> version) BIND 9 returns the correct answer.
>
could be, I am running 9.8.1 right now, and I must confess I have not
really looked into this any further
Jelte
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk9HrRMACgkQ4nZCKsdOncU1WwCeIAzfohefqGuWi5c3ZlrzsZK3
Tj4AoK1yGA3ecQfepbAKCBChHHaaZpUH
=8jmd
-----END PGP SIGNATURE-----
More information about the bind10-dev
mailing list