summaryrefslogtreecommitdiff
path: root/src/resolve/resolved-dns-trust-anchor.c
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2016-01-07 12:56:38 +0100
committerLennart Poettering <lennart@poettering.net>2016-01-11 19:39:59 +0100
commit0f87f3e8e72bef1b951a1ee97c4e976e924f7912 (patch)
tree592ed7e1304d022f4ed97b85761d1e084630f4bc /src/resolve/resolved-dns-trust-anchor.c
parent0f23174c5c21f90929b3ee39fee48b774949510d (diff)
resolved: look for revoked trust anchors before validating a message
There's not reason to wait for checking for revoked trust anchors until after validation, after all revoked DNSKEYs only need to be self-signed, but not have a full trust chain. This way, we can be sure that all trust anchor lookups we do during validation already honour that some keys might have been revoked.
Diffstat (limited to 'src/resolve/resolved-dns-trust-anchor.c')
0 files changed, 0 insertions, 0 deletions