Skip to content
Snippets Groups Projects

validate nitpick fix: unsupported algo edge case

Merged validate nitpick fix: unsupported algo edge case
ds-algo-nodata into master
Merged Vladimír Čunát requested to merge ds-algo-nodata into master

kr_dnskeys_trusted() semantics is changed, but I do NOT consider that a part of public API.

Go insecure due to algorithm support even if DNSKEY is NODATA. I can't see how that's relevant to practical usage, but I think this new behavior makes more sense. We still do try to fetch the DNSKEY even though we have information about its un-usability beforehand. I'd consider fixing that a premature optimization. We'll still be affected if the DNSKEY query SERVFAILs or something.

Edited by Vladimír Čunát

Merge request reports

Loading
Loading

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
Please register or sign in to reply