BIND 10 #1581: auth::Query NSEC3 support: No Data, non DS case
BIND 10 Development
do-not-reply at isc.org
Mon Feb 13 11:54:25 UTC 2012
#1581: auth::Query NSEC3 support: No Data, non DS case
-------------------------------------+-------------------------------------
Reporter: | Owner: vorner
jinmei | Status: reviewing
Type: task | Milestone:
Priority: major | Sprint-20120221
Component: | Resolution:
b10-auth | Sensitive: 0
Keywords: | Sub-Project: DNS
Defect Severity: N/A | Estimated Difficulty: 4
Feature Depending on Ticket: NSEC3 | Total Hours: 0
Add Hours to Ticket: 0 |
Internal?: 0 |
-------------------------------------+-------------------------------------
Changes (by jelte):
* owner: jelte => vorner
Comment:
only one trivial comment; the comment at query_unittest.cc:1656 says NSEC
instead of NSEC3.
Code itself looks ok, and can be merged. I do have a couple of (perhaps
more general) questions;
- Do we want or plan to do additional checks of the data we return (in
this specific case, for instance whether the NSEC3 we return actually
matches the queried name and disproves the type)? I'm guessing the answer
is no, it's the datasource's responsibility to provide the right data. But
just wondering :)
- The comment above the map of nsec3 hashes in query_unittest.cc suggests
these hashes are from RFC5155, and some of them do look like that, but
they have slightly different values in some cases, and the name->hash
relation also seems indirect (based on query, not the name used as the key
perhaps?). Neither case really matters at this point AFAICT, but it looks
weird :p (perhaps the comment needs to be updated)
--
Ticket URL: <http://bind10.isc.org/ticket/1581#comment:12>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development
More information about the bind10-tickets
mailing list