BIND 10 #601: but in handling out-of-range DNSSEC times
BIND 10 Development
do-not-reply at isc.org
Wed Feb 23 08:11:34 UTC 2011
#601: but in handling out-of-range DNSSEC times
-------------------------------------+-------------------------------------
Reporter: jinmei | Owner:
Type: defect | UnAssigned
Priority: major | Status: new
Component: DNSPacket API | Milestone: A-Team-
Sensitive: 0 | Task-Backlog
Add Hours to Ticket: 0 | Keywords:
Total Hours: 0 | Estimated Number of Hours: 0
| Billable?: 1
| Internal?: 0
-------------------------------------+-------------------------------------
This is an (originally unintended) continuation of #174.
According to Rob Austein our current implementation of DNSSEC time
(which is actually compatible with BIND 9) isn't correct:
- we should allow pre-epoch time such as 19691231000000 as long as it's
in the valid 68-year range.
- we should reject (in the 32-bit mode) out-of-range time format such as
21000101000000
In practice, these would be minor, but since we've recently completed
#174,
it would make sense to fix it using this opportunity.
--
Ticket URL: <http://bind10.isc.org/ticket/601>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development
More information about the bind10-tickets
mailing list