BIND signer should enforce RFC6840 Section 5.11
There are a couple of issues I found when investigating #1689 (closed):
- RSASHA256 CSK (SEP bit set), publish-only ED25519 ZSK

  ```
  Verifying the zone using the following algorithms: RSASHA512.
  Zone fully signed:
  Algorithm: RSASHA512: KSKs: 1 active, 0 stand-by, 0 revoked
                        ZSKs: 0 active, 0 stand-by, 0 revoked
  Algorithm: ED25519: KSKs: 0 active, 0 stand-by, 0 revoked
                      ZSKs: 0 active, 1 stand-by, 0 revoked
  ```
- RSASHA256 CSK (SEP bit set), ED25519 ZSK (treated as CSK)

  ```
  Verifying the zone using the following algorithms: RSASHA512 ED25519.
  Zone fully signed:
  Algorithm: RSASHA512: KSKs: 1 active, 0 stand-by, 0 revoked
                        ZSKs: 0 active, 0 stand-by, 0 revoked
  Algorithm: ED25519: KSKs: 0 active, 0 stand-by, 0 revoked
                      ZSKs: 1 active, 0 stand-by, 0 revoked
  ```
- Single ZSK key (no SEP bit) is treated as CSK

  ```
  Verifying the zone using the following algorithms: ED25519.
  Zone fully signed:
  Algorithm: ED25519: KSKs: 0 active, 0 stand-by, 0 revoked
                      ZSKs: 1 active, 0 stand-by, 0 revoked
  ```
All of these scenarios should be rejected both by dnssec-signzone
and inline signing.
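To make the rule concrete, here is an added example (my own code, not BIND's signer or `dnssec-verify`): a small Python checker that parses DNSKEY and RRSIG records in presentation format, computes key tags per RFC 4034 Appendix B, and applies two tests. The first is the RFC 6840 section 5.11 requirement that every algorithm present in the DNSKEY RRset signs every RRset in the zone; the second is a stricter rule that is my reading of what this issue asks for (each algorithm must have a SEP-flagged key of that algorithm signing the apex DNSKEY RRset), not RFC text. The three scenarios above are reconstructed as constructed records with a one-byte placeholder key and dummy signatures; the apex name `example.`, the key tags, the scenario names and all function names are assumptions. DS records, delegations and glue are not modelled.

```python
"""Added example, not BIND code: audit DNSKEY/RRSIG records for the RFC 6840
section 5.11 rule (every algorithm in the DNSKEY RRset signs every RRset) and
for the stricter policy this issue asks for, as I read it (each algorithm has
a SEP key of that algorithm signing the apex DNSKEY RRset).  All records are
constructed; keys are a one-byte placeholder and signatures are dummies."""

import base64
import struct
from collections import defaultdict

ZONE_KEY = 0x0100  # DNSKEY flags bit 7, RFC 4034 section 2.1.1
SEP = 0x0001       # DNSKEY flags bit 15, Secure Entry Point

def keytag(flags, alg, key):
    """Key tag per RFC 4034 appendix B (the RSAMD5 special case is omitted)."""
    rdata = struct.pack(">HBB", flags, 3, alg) + key
    ac = 0
    for i, b in enumerate(rdata):
        ac += (b << 8) if i % 2 == 0 else b
    ac += (ac >> 16) & 0xFFFF
    return ac & 0xFFFF

def parse_zone(text):
    """Minimal presentation-format parser (apex-only zone, no delegations).
    Returns rrsets as a set of (owner, type), dnskeys as {(alg, tag): flags}
    and rrsigs as a list of (owner, covered_type, alg, tag)."""
    rrsets, dnskeys, rrsigs = set(), {}, []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 4 or f[0].startswith(";"):
            continue
        owner, rtype = f[0], f[3]
        if rtype == "RRSIG":
            # RDATA: covered alg labels origttl expire incept keytag signer sig
            rrsigs.append((owner, f[4], int(f[5]), int(f[10])))
            continue
        rrsets.add((owner, rtype))
        if rtype == "DNSKEY":
            flags, alg = int(f[4]), int(f[6])
            key = base64.b64decode("".join(f[7:]))
            dnskeys[(alg, keytag(flags, alg, key))] = flags
    return rrsets, dnskeys, rrsigs

def zone_algorithms(dnskeys):
    """Algorithms signalled by the DNSKEY RRset (zone keys only)."""
    return {alg for (alg, _), flags in dnskeys.items() if flags & ZONE_KEY}

def check_rfc6840_5_11(rrsets, dnskeys, rrsigs):
    """Every algorithm present in the DNSKEY RRset must sign every RRset."""
    signed_with = defaultdict(set)
    for owner, covered, alg, _ in rrsigs:
        signed_with[(owner, covered)].add(alg)
    return [f"{owner} {rtype} is not signed with algorithm {alg}"
            for owner, rtype in sorted(rrsets)
            for alg in sorted(zone_algorithms(dnskeys) - signed_with[(owner, rtype)])]

def check_sep_signs_dnskey(apex, dnskeys, rrsigs):
    """Assumed policy (my reading of this issue, not RFC text): a publish-only
    key, a lone ZSK or a ZSK used as a CSK does not count; each algorithm needs
    a SEP-flagged key whose RRSIG covers the apex DNSKEY RRset."""
    sep_signed = {alg for owner, covered, alg, tag in rrsigs
                  if owner == apex and covered == "DNSKEY"
                  and dnskeys.get((alg, tag), 0) & SEP}
    return [f"algorithm {alg}: apex DNSKEY RRset has no RRSIG from a SEP key"
            for alg in sorted(zone_algorithms(dnskeys) - sep_signed)]

def audit(lines, apex="example."):
    """Return (rfc6840_problems, sep_problems); a signer should reject on either."""
    rrsets, dnskeys, rrsigs = parse_zone("\n".join(lines))
    return (check_rfc6840_5_11(rrsets, dnskeys, rrsigs),
            check_sep_signs_dnskey(apex, dnskeys, rrsigs))

def rrsig(covered, alg, tag):
    """Constructed RRSIG line; dates and signature are dummies."""
    return (f"example. 3600 IN RRSIG {covered} {alg} 1 3600 "
            f"20250101000000 20241201000000 {tag} example. c2lnPQ==")

# Constructed fixtures modelled on the three scenarios in the issue.
SOA = "example. 3600 IN SOA ns.example. hostmaster.example. 1 7200 3600 1209600 3600"
RSA_CSK = "example. 3600 IN DNSKEY 257 3 8 AA=="   # ZONE|SEP, RSASHA256, key tag 1033
ED_ZSK = "example. 3600 IN DNSKEY 256 3 15 AA=="   # ZONE only, ED25519, key tag 1039

SCENARIOS = {
    "RSA CSK + publish-only ED25519 ZSK":
        [SOA, RSA_CSK, ED_ZSK, rrsig("DNSKEY", 8, 1033), rrsig("SOA", 8, 1033)],
    "RSA CSK + ED25519 ZSK treated as CSK":
        [SOA, RSA_CSK, ED_ZSK, rrsig("DNSKEY", 8, 1033), rrsig("DNSKEY", 15, 1039),
         rrsig("SOA", 8, 1033), rrsig("SOA", 15, 1039)],
    "single ED25519 ZSK, no SEP bit":
        [SOA, ED_ZSK, rrsig("DNSKEY", 15, 1039), rrsig("SOA", 15, 1039)],
}

if __name__ == "__main__":
    for title, lines in SCENARIOS.items():
        rfc, sep = audit(lines)
        print(f"{title}: {'REJECT' if rfc or sep else 'OK'}")
        for problem in rfc + sep:
            print("   ", problem)
```

Only the first scenario fails the letter of section 5.11 (the ED25519 key is published but never signs); the other two pass it and are caught only by the stricter SEP rule, which is why a signer that checks nothing beyond "every algorithm signs" would still accept them.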