getdns_root_trust_anchor(3) getdns getdns_root_trust_anchor(3)

getdns_root_trust_anchor -- return the getdns list of default root trust anchors

DNS Resolver library (libgetdns, -lgetdns)

#include <getdns.h>

getdns_list *
getdns_root_trust_anchor (time_t *utc_date_of_anchor)

If an application wants the API to perform DNSSEC validation without using the extensions, it can use the getdns_validate_dnssec() helper function. The API will use the resource records in bundle_of_support_records to construct the validation chain and the DNSKEY or DS records in trust_anchor_records as trust anchors. The default list of trust anchor records that is used by the library to validate DNSSEC can be retrieved by using the getdns_root_trust_anchor helper function.

utc_date_of_anchor time the trust anchors were obtained in epoch seconds (on success)

Returns the default list of trust anchor records used by the library to validate DNSSEC or NULL if no default trust anchors are available.

TBD

getdns_validate_dnssec(3) libgetdns(3)

December 2015 getdns 1.7.3