[dns-operations] Alternatives to ldns-verify-zone

Matthew Pounsett matt at conundrum.com
Thu Sep 22 21:19:11 UTC 2016

On 22 September 2016 at 16:30, Robert Edmonds <edmonds at mycre.ws> wrote:

> John Levine wrote:
> > In article <57822085-036c-804b-0457-bf9eccea7412 at centralnic.com> you
> write:
> > >Hi Everyone,
> > >
> > >We've been using ldns-verify-zone to check and validate our zones
> > >including DNSSEC validation. It's a great tool and we've been using it
> > >for years, but the latest stable release is Jan/2014.
> >
> > As far as I know, nothing about DNSSEC has changed since 2014.  Why is
> > it a problem that a tool hasn't changed since then?  Maybe the Dutch
> > write well debugged code.
> This means that even bug-free general purpose DNS libraries need to be
> updated regularly to support new RR types—if only because a user wants
> to use a new RR type.
> There also happen to be 33 bugs currently open against ldns, most of which
are still marked as "new" (not yet assigned to anyone to fix).  The
earliest of these is from 2012, but most seem to be in the 2014 to 2015
range.  ldns looks abandoned; I don't see any reason anyone looking at the
NLNet pages would assume otherwise.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20160922/b69eb4b3/attachment-0001.html>

More information about the dns-operations mailing list