BIND 10 #1176: RRSIG support in new data source
BIND 10 Development
do-not-reply at isc.org
Tue Sep 6 09:50:46 UTC 2011
#1176: RRSIG support in new data source
-------------------------------------+-------------------------------------
Reporter: | Owner: vorner
jinmei | Status: reviewing
Type: task | Milestone:
Priority: major | Sprint-20110830
Component: data | Resolution:
source | Sensitive: 0
Keywords: | Sub-Project: DNS
Defect Severity: N/A | Estimated Difficulty: 0
Feature Depending on Ticket: | Total Hours: 0
Add Hours to Ticket: 0 |
Internal?: 0 |
-------------------------------------+-------------------------------------
Changes (by jelte):
* owner: jelte => vorner
Comment:
Replying to [comment:9 vorner]:
>
> > Just to make sure, do we have an explicit test to check that DNSSEC
data is NOT
> > included in the final answer when not asked for?
>
> Hmm, tested where? On the database backend or on the query? Not that
there would be one in any of them, but the database backend has returning
them allowed.
>
Yeah I saw that :) When I read that before I looked at the code it made me
worry we might accidentally return DNSSEC data if the DO bit is not set,
so on the query level (unless we intend to handle it on an even higher
level)
I now see that exactMatch does indeed check this, perhaps we could add a
comment there saying that it is so.
IMO it can be merged.
--
Ticket URL: <http://bind10.isc.org/ticket/1176#comment:10>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development
More information about the bind10-tickets
mailing list