[Opendnssec-develop] Support of APL in dnsruby
Alexd at nominet.org.uk
Alexd at nominet.org.uk
Tue Dec 8 14:30:21 UTC 2009
> We now got a request to implement support for APL in dnsruby from
> our "user" Olaf. Would it be difficult?
It's possible to implement. While we're on the subject, we should also
implement the HIP RR (signer support required), and possibly some/all
other Experimental RRs. Do we want to keep the signer and auditor in step
with regard to the RR types they support?
> And also that the Auditor should skip RR which it does not
> understand. But what would happen with NSEC/NSEC3 with this RR in its
bitmap?
The auditor should be able to note the type (which it didn't understand
the RR for) as occurring at the name, and then expect that type to appear
in the NSEC(3) bitmap, without understanding the RR itself. Of course, it
would not be able to verify the RRSIG for the RRSet of the unsupported
type - it would simply skip that check.
I could add this functionality if it was desired?
Thanks,
Alex.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendnssec.org/pipermail/opendnssec-develop/attachments/20091208/9a1c7b79/attachment.htm>
More information about the Opendnssec-develop
mailing list