Provided by: libzonemaster-perl_4.6.1-1_all bug

NAME

       Zonemaster::Engine::Test::DNSSEC - dnssec module showing the expected structure of
       Zonemaster test modules

SYNOPSIS

           my @results = Zonemaster::Engine::Test::DNSSEC->all($zone);

METHODS

       all($zone)
           Runs the default set of tests and returns a list of log entries made by the tests.

       metadata()
           Returns a reference to a hash, the keys of which are the names of all test methods in
           the module, and the corresponding values are references to lists with all the tags
           that the method can use in log entries.

       tag_descriptions()
           Returns a reference to a hash with translation functions. Used by the builtin
           translation system.

       policy()
           Returns a reference to a hash with the default policy for the module. The keys are
           message tags, and the corresponding values are their default log levels.

       version()
           Returns a version string for the module.

TESTS

       dnssec01($zone)
           Verifies that all DS records have digest types registered with IANA.

       dnssec02($zone)
           Verifies that all DS records have a matching DNSKEY.

       dnssec03($zone)
           Check iteration counts for NSEC3.

       dnssec04($zone)
           Checks the durations of the signatures for the DNSKEY and SOA RRsets.

       dnssec05($zone)
           Check DNSKEY algorithms.

       dnssec06($zone)
           Check for DNSSEC extra processing at child nameservers.

       dnssec07($zone)
           Check that both DS and DNSKEY are present.

       dnssec08($zone)
           Check that the DNSKEY RRset is signed.

       dnssec09($zone)
           Check that the SOA RRset is signed.

       dnssec10($zone)
           Check for the presence of either NSEC or NSEC3, with proper coverage and signatures.

       dnssec11($zone)
           Check that the delegation step from parent is properly signed.

       dnssec13($zone)
           Check that all DNSKEY algorithms are used to sign the zone.

       dnssec14($zone)
           Check for valid RSA DNSKEY key size

       dnssec15($zone)
           Check existence of CDS and CDNSKEY

       dnssec16($zone)
           Validate CDS

       dnssec17($zone)
           Validate CDNSKEY

       dnssec18($zone)
           Validate trust from DS to CDS and CDNSKEY