On Friday 25 Mar 2011 10:55:02 am Carsten Strotmann (Men & Mice) wrote: > Hello OpenDNSSEC community, > > in the light of the recent DNSSEC failures at some TLDs I've started to > collect a list of checks that should be applied to a DNSSEC signed zone > before it is deployed on a public authoritative server. > > OpenDNSSEC includes the Auditor, but I couldn't find any documentation > about the individual checks the Auditor does to a signed zone other than > reading the source (what I then did).
Hi there. There is a list of requirements for the auditor: http://trac.opendnssec.org/wiki/Signer/AuditorRequirements which is a complete list of the checks made, and how severe each case is considered to be. Cheers, Sion _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
