Open Bug 748232 Opened 13 years ago Updated 4 days ago

add optional dnssec local validation (via dnssec-tools libs)

Categories

(NSPR :: NSPR, defect)

Product:
NSPR
Component:
NSPR
Platform:
x86_64
Linux
Type:
defect

Tracking

(Not tracked)

People

(Reporter: rs, Unassigned)

Details

Attachments

(8 files)

fix getaddr detection
14.22 KB, patch
Details | Diff | Splinter Review
add nspr log module for dns
20.59 KB, patch
Details | Diff | Splinter Review
configure/makefile changes
57.72 KB, patch
Details | Diff | Splinter Review
dnssec error codes/text
3.48 KB, patch
Details | Diff | Splinter Review
factor out some code into smaller functions (used in next patch)
6.52 KB, patch
Details | Diff | Splinter Review
add dnssec to headers
15.79 KB, patch
Details | Diff | Splinter Review
add dnssec validation/async api
37.24 KB, patch
Details | Diff | Splinter Review
update pr/test/getai for testing dnssec/async
8.06 KB, patch
Details | Diff | Splinter Review
This series of patches adds optional local dnssec validation to NSPR. When enabled, dns requests are handled by the libval library from the DNSSEC-Tools project. Additionally, an API is added for asynchronous handling of DNSSEC requests. A tiny piece of this patch was previously submitted as Bug 685524. The first two patches were also previously submitted as Bug 699055 and Bug 743705. Tested on Linux, Mac OS X, mingw32 (cross-compiled on Linux).
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true

The bug assignee didn't login in Bugzilla in the last 7 months.
:KaiE, could you have a look please?
For more information, please visit auto_nag documentation.

Assignee: wtc → nobody
Status: ASSIGNED → NEW
Flags: needinfo?(kaie)
Flags: needinfo?(kaie)
Severity: normal → S3

The severity field for this bug is relatively low, S3. However, the bug has 11 votes.
:KaiE, could you consider increasing the bug severity?

For more information, please visit auto_nag documentation.

Flags: needinfo?(kaie)

The last needinfo from me was triggered in error by recent activity on the bug. I'm clearing the needinfo since this is a very old bug and I don't know if it's still relevant.

Flags: needinfo?(kaie)

In the recent ICANN Registrations Operation Workshop 30th September 2025, the following data was shared about DNSSEC Validation Rates

  • Region / Rate / Increase since 2023

  • Asia 32% +4%

  • Oceania 54% +11%

  • Africa 46% +15%

  • Americas 37% +4%

  • Europe 48% +8%

DNSSEC is being used, its growing and support is required within the browser, this of course would require a change on DANE support

https://regiops.net/event/14th-registration-operations-workshop-row14-online-event

You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: