it could be worse

git-svn-id: file:///svn/unbound/trunk@1707 be551aaa-1e26-0410-a405-d3ace91eadb9
Wouter Wijngaards 2009-07-08 12:07:03 +00:00
parent f3b66c177b
commit 374a7f45c2


@ -210,6 +210,10 @@ Triggered by a trust anchor or by a signed DS record for a zone.
Advantage because if the zone is mildly broken, no time is spent redoing Advantage because if the zone is mildly broken, no time is spent redoing
stuff that was fine. Or after a spoof most other stuff is still there. stuff that was fine. Or after a spoof most other stuff is still there.
Disadvantage. After a sale the old data could linger for TTL time. Disadvantage. After a sale the old data could linger for TTL time.
* listing bad servers and trying again may not be good enough, since
a combinatorial explosion for DSxDNSKEYxdata is possible for every
signature validation (using different nameservers for DS, DNSKEY and
data, assuming only the right combination has a chain of trust to data).
later later
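Review bot: the added bullet starting "* listing bad servers and trying again may not be good enough" names the problem but stops short of a design consequence: it does not say whether retries need an upper bound per signature validation, or whether this rules out the bad-server listing approach altogether. Consider adding a line that states the intended limit or marks it as an open question, and spelling out "DSxDNSKEYxdata" as the product of the nameserver choices for the DS, DNSKEY and data lookups, so the size of the search space is explicit. The commit message "it could be worse" also gives no hint of which note was added.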