rrcache: don't store NSEC3 and their signatures (!225) · Merge requests · Knot projects / Knot Resolver · GitLab

GitLab now enforces expiry dates on tokens that originally had no set expiration date. Those tokens were given an expiration date of one year later. Please review your personal access tokens, project access tokens, and group access tokens to ensure you are aware of upcoming expirations. Administrators of GitLab can find more information on how to identify and mitigate interruption in our documentation.

Self sign-up has been disabled due to increased spam activity. If you want to get access, please send an email to a project owner (preferred) or at gitlab(at)nic(dot)cz. We apologize for the inconvenience.

Vladimír Čunát requested to merge rrcache-no-nsec3 into master Mar 02, 2017

They would end up cached by their hashed owner names and then even returned if explicitly queried by that hashed name, which is not correct: https://tools.ietf.org/html/rfc4035#section-2.3

Internally we only need these for non-existence proofs, and those are stored in pktcache instead.