Verify "key tag" field in RRSIG, DS and CERT RRs(?) #87
Description
RFC4034, Appendix B outlines an algorithm to use for coming up with the "key tag". To my knowledge, at least in NSD, the value is not verified. Strictly speaking, it doesn't have to, but I'm wondering how and if the "key tag" is actually used (it's meant for quick selection). For RRSIG and DS records there's decent tooling to sign a zone and users probably do not have to worry about coming up with it, for CERT records, that doesn't seem to be the case.