[dns-operations] Trouble with qa.ws.igt.fiscal.treasury.gov

Petr Špaček pspacek at isc.org
Wed Oct 19 10:02:28 UTC 2022


On 18. 10. 22 17:58, Viktor Dukhovni wrote:
> By the way is the validation workflow used in BIND written up somewhere
> as a separate document, or are the comments in the code the best way to
> understand how BIND validates names below a trust anchor (finding either
> a valid signature or an insecure delegation).

Code is your guide :-)

Now seriously: I don't think documenting it neither
a) necessary
b) good idea

It can change between versions, and we certainly do not want people to 
depend on particular behavior. We want people to follow protocol!

-- 
Petr Špaček
Internet Systems Consortium




More information about the dns-operations mailing list