Bug#1095417: O: validns -- high performance DNS/DNSSEC zone validator
Package: wnpp
Control: affects -1 + src:validns
Severity: normal
Hi,
I intend to orphan the validns package.
I've just uploaded to sid with my name removed, and the name of not-DD Casper
Gielen removed.
It is C code, maintained using git on salsa, in the debian group. Latest
upstream commit was in August 2023, 2 years ago. I myself didn't do any work
on it since Dec 2016, after that the package saw some (much appreciated) NMU's
and Team Uploads.
The package description is:
Validns is a standalone command line RFC 1034/1035 zone file validation tool
that, in addition to basic syntactic and semantic zone checks, includes DNSSEC
signature verification and NSEC/NSEC3 chain validation, as well a number of
optional policy checks on the zone.
.
The utility was developed with the goal of it being the last verification step
in the chain of production and publication of one or more zones containing up
to many thousands (or millions) of signed records, making the speed of
operation a primary focus, and reflect on validns’ design.
.
The utility is currently being used by several major DNS operators.
.
Currently, validns offers the following features:
- parse RFC 1035-compliant zone files (so called “BIND” file format)
- supports most of the standard record types
- informs the user precisely where and what the errors are
- verifies RRSIG signatures
- NSEC/NSEC3 chain validation
- supports signature validation in the future or in the past
- built-in policy checks
Bye,
Joost
Reply to: