I\'m fiddling with DNSSEC, and I\'d like to try to verify NSEC3 records generated by dnssec-signzone from bind9-utils (which I presume are valid). This
dnssec-signzone
bind9-utils
