[dns-operations] [DNSSEC] Looking for a zone verification tool

[Wolfgang Nagele]

Hi,

> Do you have requirements for what sorts of DNSSEC errors that the tool can discover?
> Just bad/expired signatures? malformation of the NSEC3 chain?  Missing signatures?
> Policy violations?
As a general requirement I think it is safe to say that this thing should
eventually spot anything that would make a validating resolver trip.

Regards,
Wolfgang