Maintained by: NLnet Labs

validation of DSA signatures

Jan Včelák
Wed Jan 13 15:14:04 CET 2016


Hello.

On Wednesday, January 13, 2016 02:51:12 PM W.C.A. Wijngaards wrote:
> These signatures are produced by (an old?) signer.  Unbound is
> compatible with its quirks.  DSA is almost not deployed at all for
> DNSSEC, and the signer may already have been fixed for a long time.
> Unbound is compatible to remove false-positives from validation
> failures as much as possible.

That makes sense. Thank you for explanation.

Cheers,

Jan