validation of DSA signatures
Jan Včelák
jan.vcelak at nic.cz
Wed Jan 13 14:14:04 UTC 2016
Hello.
On Wednesday, January 13, 2016 02:51:12 PM W.C.A. Wijngaards wrote:
> These signatures are produced by (an old?) signer. Unbound is
> compatible with its quirks. DSA is almost not deployed at all for
> DNSSEC, and the signer may already have been fixed for a long time.
> Unbound is compatible to remove false-positives from validation
> failures as much as possible.
That makes sense. Thank you for explanation.
Cheers,
Jan
More information about the Unbound-users
mailing list