Module keytag

EDNS options to signal the trust anchor key used in DNSSEC validation.

The option in this module – KeyTag – is used by validating resolvers when querying for DNSKEY records to indicate the key tags of the trust anchor keys they will be using when validating responses. This is intended as a means to monitor key uses during root key rollovers.

The option is defined in RFC 8145 along with detailed rules for who includes this option when.

Structs

KeyTag

Option data for the edns-key-tag option.

KeyTagIter

An iterator over the key tags in an edns-key-tags value.