mirror of
https://github.com/isc-projects/bind9.git
synced 2026-02-26 11:32:01 -05:00
0cfb247368
3867. [func] "rndc nta" can now be used to set a temporary negative trust anchor, which disables DNSSEC validation below a specified name for a specified period of time (not exceeding 24 hours). This can be used when validation for a domain is known to be failing due to a configuration error on the part of the domain owner rather than a spoofing attack. [RT #29358] |
||
|---|---|---|
| .. | ||
| ns1 | ||
| ns2 | ||
| ns3 | ||
| ns4 | ||
| ns5 | ||
| ns6 | ||
| ns7 | ||
| signer | ||
| clean.sh | ||
| dnssec_update_test.pl | ||
| prereq.sh | ||
| README | ||
| setup.sh | ||
| tests.sh | ||
Copyright (C) 2004, 2011 Internet Systems Consortium, Inc. ("ISC")
Copyright (C) 2000-2002 Internet Software Consortium.
See COPYRIGHT in the source root or http://isc.org/copyright.html for terms.
$Id: README,v 1.10 2011/01/04 23:47:13 tbox Exp $
The test setup for the DNSSEC tests has a secure root.
ns1 is the root server.
ns2 and ns3 are authoritative servers for the various test domains.
ns4 is a caching-only server, configured with the correct trusted key
for the root.
ns5 is a caching-only server, configured with the an incorrect trusted
key for the root. It is used for testing failure cases.
ns6 is a caching-only server configured to use DLV.
ns7 is used for checking non-cacheable answers.