23 lines
787 B

* Complete CNAME response validation code.
This differs from the original Unbound code in that it can only
validate CNAME/DNAME chains as long as we have the exact keys for
each element of the chain. The Unbound (java) version solved this
by requerying for each element of the CNAME chain and validating
each element independently (that is, it could construct a chain of
trust to each link separately).
* Add way to report errors and validation failure conditions.
For the TAT handler, what we want is a way to fetch all of the
various reason why a validation failed, so it can be spit out in the
test results. A globally available vector of error messages? Pass
around a vector of error messages?
* Create the TAT handler that uses this bit of code.