Closed jimmy-bergman-robo10 closed 6 months ago
With NSEC3PARAM 1 0 0 - (disregarding the fact that - was disallowed in the powerdns_nsec3_salt validation before this PR) the following was the result:
Before the PR: https://dnsviz.net/d/wap.pdnstest.roboten-infra.com/ZgK4mg/dnssec/
Notice the bogus response for a record expanded from a wildcard.
After this PR: https://dnsviz.net/d/wap.pdnstest.roboten-infra.com/ZgK43g/dnssec/
Notice that now the response validates OK for the same record expanded from the wildcard.
With NSEC3PARAM 1 0 0 - (disregarding the fact that - was disallowed in the powerdns_nsec3_salt validation before this PR) the following was the result:
Before the PR: https://dnsviz.net/d/wap.pdnstest.roboten-infra.com/ZgK4mg/dnssec/
Notice the bogus response for a record expanded from a wildcard.
After this PR: https://dnsviz.net/d/wap.pdnstest.roboten-infra.com/ZgK43g/dnssec/
Notice that now the response validates OK for the same record expanded from the wildcard.