2009-04-20 01:05:56 +00:00
|
|
|
TODO
|
|
|
|
|
|
|
|
* Complete CNAME response validation code.
|
|
|
|
|
|
|
|
This differs from the original Unbound code in that it can only
|
|
|
|
validate CNAME/DNAME chains as long as we have the exact keys for
|
|
|
|
each element of the chain. The Unbound (java) version solved this
|
|
|
|
by requerying for each element of the CNAME chain and validating
|
|
|
|
each element independently (that is, it could construct a chain of
|
|
|
|
trust to each link separately).
|
|
|
|
|
2009-04-20 00:57:24 +00:00
|
|
|
* Add way to report errors and validation failure conditions.
|
|
|
|
|
2009-04-20 01:05:56 +00:00
|
|
|
For the TAT handler, what we want is a way to fetch all of the
|
|
|
|
various reason why a validation failed, so it can be spit out in the
|
|
|
|
test results. A globally available vector of error messages? Pass
|
|
|
|
around a vector of error messages?
|
|
|
|
|
|
|
|
* Create the TAT handler that uses this bit of code.
|
|
|
|
|
|
|
|
|
|
|
|
|