On Aug 20, 2014, at 1:25 PM, David Conrad <[email protected]> wrote:
> On Aug 20, 2014, at 6:36 AM, Marco Davids (SIDN) <[email protected]> wrote: >> Speaking of client-side validation, Bloodhound might also proof to be >> worthwhile. I like it: >> https://www.dnssec-tools.org/wiki/index.php/Bloodhound > > Briefly looking at the source for libval (which Bloodhound uses), it does not > appear 5011 is supported (unsurprisingly). Hi David, The trustman tool (https://www.dnssec-tools.org/wiki/index.php/Template:Trustman_ShortTorial) was written specifically for the purpose of doing RFC 5011-compliant automated trust anchor rollover. libval will perform validation using trust anchors configured in the dnsval.conf file; trustman keeps the dnsval.conf file up to date. However, your point is valid: Bloodhound does not ship with trustman currently, but maybe it should. I’ll look into it. Thanks! Suresh
