BIND 10 #1579: Update database ZoneFinder::find() for negative cases of NSEC3-signed zones
BIND 10 Development
do-not-reply at isc.org
Tue Mar 20 17:42:27 UTC 2012
#1579: Update database ZoneFinder::find() for negative cases of NSEC3-signed zones
-------------------------------------+-------------------------------------
Reporter: | Owner: haikuo
jinmei | Status: reviewing
Type: task | Milestone:
Priority: | Sprint-20120403
medium | Resolution:
Component: data | Sensitive: 0
source | Sub-Project: DNS
Keywords: | Estimated Difficulty: 5
Defect Severity: N/A | Total Hours: 0
Feature Depending on Ticket: |
Add Hours to Ticket: 0 |
Internal?: 0 |
-------------------------------------+-------------------------------------
Comment (by jinmei):
Replying to [comment:17 haikuo]:
> > - I just noticed the ticket summary was not clear enough (sorry about
> > that): We need to set the NSEC3 flag for wildcard cases (even if
> > they are not "negative"), too. Even if we forget wildcard itself,
> > we still need to cover the case where wildcard attempt fails with
> > NXDOMAIN (see findWildcardMatch).
> >
> Jinmei, you said we should set the NSEC3 flag whenever the wildcard
cases is "negative".
> why don't we append NSEC3 flag to the result for all cases if the zone
is signed by NSEC3 in find() function? and that is better for upper
layer's analysis.
We discussed this on jabber. But for the record, in short: because
they are not needed in other cases.
--
Ticket URL: <http://bind10.isc.org/ticket/1579#comment:18>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development
More information about the bind10-tickets
mailing list