-
Notifications
You must be signed in to change notification settings - Fork 65
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Rewrite of the specification of DNSSEC03 #1189
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The specification reads well and I have not found any errors in the Test Procedure.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@tgreenx, thanks for your review!
@mustafa-alrifaee writes in #1177 (comment):
Both non-zero iteration and non-empty salt will result in message tags (DS03_ILLEGAL_ITERATION_VALUE and DS03_ILLEGAL_SALT_LENGTH, respectively) have ERROR level as default values according to the proposal. @mustafa-alrifaee, doesn't that meet your proposal? |
Test zones are now available in #1218. |
Follows speficiation update (zonemaster/zonemaster#1189). Note that Prefix Suffix List check (step 13.2.2.1) is not yet implemented, as this service is not yet provided by Zonemaster.
Follows specifiation update (zonemaster/zonemaster#1189). Note that Prefix Suffix List check (step 13.2.2.1) is not yet implemented, as this service is not yet provided by Zonemaster. Also note that this commit does not update unit tests yet.
Follows specifiation update (zonemaster/zonemaster#1189). Note that Prefix Suffix List check (step 13.2.2.1) is not yet implemented, as this service is not yet provided by Zonemaster. Also note that this commit does not update unit tests yet.
Co-authored-by: tgreenx <96772376+tgreenx@users.noreply.github.com>
…ultiple NSEC3 records
Co-authored-by: tgreenx <96772376+tgreenx@users.noreply.github.com>
@tgreenx and @marc-vanderwal, please re-review. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me!
Purpose
This is a complete rewrite of the specification for DNSSEC03:
Context
Resolves #1177, #1047, #1039 and #948. Resolves does not necessarily mean that this PR follow the issues, but when this PR has been completed those issues can be closed.
This PR introduces a new argument name, which means that Argument list must be updated (-> see #1190).
When this PR has been completed, the implementation must also be rewritten.
Test zones are available in #1218.
How to test this PR
Review the specification.