Bug#702507: ITP: validns -- high performance DNS/DNSSEC zone validator
Package: wnpp
Severity: wishlist
Owner: "Casper Gielen" <casper-alioth@gielen.name>
* Package name : validns
Version : 0.6
Upstream Author : Anton Berezin <tobez@tobez.org>
* URL : http://http://www.validns.net/
* License : BSD
Programming Lang: C
Description : high performance DNS/DNSSEC zone validator
Validns is a standalone command line RFC 1034/1035 zone file validation tool
that, in addition to basic syntactic and semantic zone checks, includes DNSSEC
signature verification and NSEC/NSEC3 chain validation, as well a number of
optional policy checks on the zone.
.
The utility was developed with the goal of it being the last verification step
in the chain of production and publication of one or more zones containing up
to many thousands (or millions) of signed records, making the speed of
operation a primary focus, and reflect on validns’ design.
.
The utility is currently being used by several major DNS operators.
.
Currently, validns offers the following features:
- parse RFC 1035-compliant zone files (so called “BIND” file format)
- supports most of the standard record types
- informs the user precisely where and what the errors are
- verifies RRSIG signatures
- NSEC/NSEC3 chain validation
- supports signature validation in the future or in the past
- built-in policy checks
Reply to: