+--On 14 juillet 2010 18:38:44 +0200 Matthijs Mekking
<matth...@nlnetlabs.nl> wrote:
| -----BEGIN PGP SIGNED MESSAGE-----
| Hash: SHA1
| 
| Hi Mathieu,
| 
| I believe that it is correct that the signer puts that much NSEC3
| records in the zone. It has two for the domain names
| d.0.1.f.f.8.f.4.2.0.0.2.ip6.arpa. and
| 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.d.0.1.f.f.8.f.4.2.0.0.2.ip6.arpa.
| 
| and 19 for the empty non-terminals that exist between these two domain
| names.
|
| So perhaps the auditor is complaining unjust.

Well, that was my point to begin with, there are either too many nsec3
thingies, or the auditor has a bug :-)

-- 
Mathieu Arnold
_______________________________________________
Opendnssec-user mailing list
Opendnssec-user@lists.opendnssec.org
https://lists.opendnssec.org/mailman/listinfo/opendnssec-user

Reply via email to