| Age | Commit message (Expand) | Author |
|---|
| 2016-01-25 | resolved: don't insist in RRSIG metadata for NSEC3 RRs that have not been aut... | Lennart Poettering |
| 2016-01-25 | update DNSSEC TODO | Lennart Poettering |
| 2016-01-25 | resolved: log each time we increase the DNSSEC verdict counters | Lennart Poettering |
| 2016-01-25 | resolve: use different bitmap checking rules when we find an exact NSEC3 matc... | Lennart Poettering |
| 2016-01-18 | update DNSSEC TODO | Lennart Poettering |
| 2016-01-18 | resolved: rework IDNA logic | Lennart Poettering |
| 2016-01-17 | resolved: update DNSSEC TODO | Lennart Poettering |
| 2016-01-17 | resolved: update RFCs list and TODO list | Lennart Poettering |
| 2016-01-17 | resolved: complete NSEC non-existance proofs | Lennart Poettering |
| 2016-01-17 | resolved: make sure the NSEC proof-of-non-existance check also looks for wild... | Lennart Poettering |
| 2016-01-17 | resolved: on negative NODATA replies, properly deal with empty non-terminals | Lennart Poettering |
| 2016-01-17 | resolved: rename dnssec_verify_dnskey() → dnssec_verify_dnskey_by_ds() | Lennart Poettering |
| 2016-01-17 | resolved: be stricter when using NSEC3 | Lennart Poettering |
| 2016-01-17 | resolved: when validating an RRset, store information about the synthesizing ... | Lennart Poettering |
| 2016-01-17 | resolved: do not use NSEC RRs from the wrong zone for proofs | Lennart Poettering |
| 2016-01-17 | resolved: ignore DS RRs without generating an error if they use an unsupporte... | Lennart Poettering |
| 2016-01-17 | resolved: some RR types may appear only or not at all in a zone apex | Lennart Poettering |
| 2016-01-13 | resolved: implement the full NSEC and NSEC3 postive wildcard proofs | Lennart Poettering |
| 2016-01-13 | resolved: refuse validating wildcard RRs for SOA, NSEC3, DNAME | Lennart Poettering |
| 2016-01-13 | resolved: properly handles RRs in domains beginning in an asterisk label | Lennart Poettering |
| 2016-01-13 | resolved: optimize dnssec_verify_rrset() a bit | Lennart Poettering |
| 2016-01-13 | resolved: allocate bounded strings on stack instead of heap, if we can | Lennart Poettering |
| 2016-01-13 | resolved: consider inverted RRSIG validity intervals expired | Lennart Poettering |
| 2016-01-11 | resolved: properly look for NSEC/NSEC3 RRs when getting a positive wildcard r... | Lennart Poettering |
| 2016-01-11 | resolved: split up nsec3_hashed_domain() into two calls | Lennart Poettering |
| 2016-01-11 | resolved: drop flags unused parameter from nsec3_is_good | Lennart Poettering |
| 2016-01-11 | basic: introduce generic ascii_strlower_n() call and make use of it everywhere | Lennart Poettering |
| 2016-01-11 | resolved: use dns_answer_size() where appropriate to handle NULL DnsAnswer | Lennart Poettering |
| 2016-01-11 | resolved: rename suffix_rr → zone_rr | Lennart Poettering |
| 2016-01-11 | resolved: fix NSEC3 iterations limit to what RFC5155 suggests | Lennart Poettering |
| 2016-01-06 | update DNSSEC TODO | Lennart Poettering |
| 2016-01-05 | update DNSSEC TODO | Lennart Poettering |
| 2016-01-05 | resolved,networkd: add a per-interface DNSSEC setting | Lennart Poettering |
| 2016-01-05 | resolved: rename "downgrade-ok" mode to "allow-downgrade" | Lennart Poettering |
| 2016-01-05 | resolved: when caching negative responses, honour NSEC/NSEC3 TTLs | Lennart Poettering |
| 2016-01-04 | update DNSSEC TODO | Lennart Poettering |
| 2016-01-04 | resolved: partially implement RFC5011 Trust Anchor support | Lennart Poettering |
| 2016-01-04 | resolved: fix DNSSEC canonical ordering logic | Lennart Poettering |
| 2016-01-03 | resolved: never authenticate RRsets with revoked keys | Lennart Poettering |
| 2016-01-03 | resolved: print a log message when we ignore an NSEC3 RR with an excessive am... | Lennart Poettering |
| 2016-01-03 | Merge pull request #2255 from teg/resolved-fixes-2 | Lennart Poettering |
| 2016-01-03 | resolved: add negative trust anchro support, and add trust anchor configurati... | Lennart Poettering |
| 2016-01-03 | resolved: dnssec - properly take wildcards into account in NESC3 proof | Tom Gundersen |
| 2016-01-03 | resolved: dnssec - factor out hashed domain generation | Tom Gundersen |
| 2016-01-03 | resolved: don't conclude NODATA if CNAME exists | Tom Gundersen |
| 2016-01-02 | resolved: don't accept NSEC3 iteration fields unbounded | Lennart Poettering |
| 2016-01-01 | resolved: dnssec - add reference to the algorithm we implement | Tom Gundersen |
| 2016-01-01 | resolved: dnssec - prepend hashed labels to zone name | Tom Gundersen |
| 2016-01-01 | resolved: dnssec - rename some variables | Tom Gundersen |
| 2016-01-01 | resoled: dnssec - don't refuse to verify answer due to too many unrelated RRs | Tom Gundersen |
