[ldns-users] LDNS and opt-out NSEC3 validation
John Barnitz
john.barnitz at gmail.com
Mon Apr 23 17:02:08 UTC 2012
I am using LDNS to query the net zone for a DS record of a domain,
for example, sample.net. The net zone is opt-out, so I get back NSEC3
records and NOERROR. I am using ldns_dnssec_verify_denial_nsec3 to
validate the response. I always get back
LDNS_STATUS_DNSSEC_NSEC_RR_NOT_COVERED as a result code. Can anyone
help me determine what is wrong, or is there a different function I
should be using? Let me know if you need any more information.
Thanks,
John Barnitz
More information about the ldns-users
mailing list