409N/ACopyright (C) 2015-2017 Internet Systems Consortium, Inc. ("ISC")
49N/AThis Source Code Form is subject to the terms of the Mozilla Public
49N/ALicense, v. 2.0. If a copy of the MPL was not distributed with this
49N/AThis is for testing managed-keys, in particular with problems
49N/Awith RFC 5011 Automated Updates of DNSSEC Trust Anchors.
49N/Ans1 is the root server that offers new KSKs and hosts one record for
49N/Atesting. The TTL for the zone's records is 2 seconds.
49N/Ans2 is a validator that uses managed-keys. "-T mkeytimers=2/20/40"
49N/Ais used so it will attempt do automated updates frequently. "-T tat=1"
49N/Ais used so it will send TAT queries once per second.
49N/Ans3 is a validator with a broken key in managed-keys.
49N/A- initial working KSK
49N/ATODO: test using delv with new trusted key too
49N/A- introduce a REVOKE bit
49N/A- later remove a signature
49N/A- corrupt a signature
49N/ATODO: also same things with dlv auto updates of trust anchor