mirror of
https://github.com/isc-projects/bind9.git
synced 2026-04-27 09:06:51 -04:00
1d45ad8f39
More specifically: ignore configured trusted and managed keys that match a disabled algorithm. The behavioral change is that associated responses no longer SERVFAIL, but return insecure.
22 lines
723 B
Text
22 lines
723 B
Text
Copyright (C) Internet Systems Consortium, Inc. ("ISC")
|
|
|
|
See COPYRIGHT in the source root or http://isc.org/copyright.html for terms.
|
|
|
|
The test setup for the DNSSEC tests has a secure root.
|
|
|
|
ns1 is the root server.
|
|
|
|
ns2 and ns3 are authoritative servers for the various test domains.
|
|
|
|
ns4 is a caching-only server, configured with the correct trusted key
|
|
for the root.
|
|
|
|
ns5 is a caching-only server, configured with the an incorrect trusted
|
|
key for the root. It is used for testing failure cases.
|
|
|
|
ns6 is a caching-only server configured to use DLV.
|
|
|
|
ns7 is used for checking non-cacheable answers.
|
|
|
|
ns8 is a caching-only server, configured with unsupported and disabled
|
|
algorithms. It is used for testing failure cases.
|