我想验证查询响应的DS记录。当我从服务器获得响应时,我使用库提供的函数 -
>>> ret = dns.dnssec.validate(response_k.authority[1],response_k.authority[2],{name:response_k.authority[1]})
Traceback (most recent call last): File "", line 1, in File "/usr/local/lib/python2.7/dist-packages/dns/dnssec.py", line 421, in _validate raise ValidationFailure("no RRSIGs validated") dns.dnssec.ValidationFailure: no RRSIGs validated
其中: 请求是这样的 -
request_k = dns.message.make_query('example.com',dns.rdatatype.A,want_dnssec=True)
response_k = dns.query.udp(request_k, '.')
>>> print response_k.authority
[<DNS com. IN NS RRset>, <DNS com. IN DS RRset>, <DNS com. IN RRSIG(DS) RRset>]
name=dns.name.from_text('.')
知道哪里出错了?