-
Michał Kępień authored
Extend check_dnskey_sigs() so that, if requested, it checks whether the DNSKEY RRset at zone apex is signed by at least one trust anchor. The trust anchor table is passed as an argument to dns_zoneverify_dnssec() and passed around in the verification context structure. Neither dnssec-signzone nor dnssec-verify are yet modified to make use of that feature, though.
fc3dd703