.\" Automatically generated by Pod::Man 2.23 (Pod::Simple 3.14)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings.  \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote.  \*(C+ will
.\" give a nicer C++.  Capital omega is used to do unbreakable dashes and
.\" therefore won't be available.  \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
.    ds -- \(*W-
.    ds PI pi
.    if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
.    if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\"  diablo 12 pitch
.    ds L" ""
.    ds R" ""
.    ds C` ""
.    ds C' ""
'br\}
.el\{\
.    ds -- \|\(em\|
.    ds PI \(*p
.    ds L" ``
.    ds R" ''
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\"
.\" If the F register is turned on, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD.  Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.ie \nF \{\
.    de IX
.    tm Index:\\$1\t\\n%\t"\\$2"
..
.    nr % 0
.    rr F
.\}
.el \{\
.    de IX
..
.\}
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear.  Run.  Save yourself.  No user-serviceable parts.
.    \" fudge factors for nroff and troff
.if n \{\
.    ds #H 0
.    ds #V .8m
.    ds #F .3m
.    ds #[ \f1
.    ds #] \fP
.\}
.if t \{\
.    ds #H ((1u-(\\\\n(.fu%2u))*.13m)
.    ds #V .6m
.    ds #F 0
.    ds #[ \&
.    ds #] \&
.\}
.    \" simple accents for nroff and troff
.if n \{\
.    ds ' \&
.    ds ` \&
.    ds ^ \&
.    ds , \&
.    ds ~ ~
.    ds /
.\}
.if t \{\
.    ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
.    ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
.    ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
.    ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
.    ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
.    ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
.    \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
.    \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
.    \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
.    ds : e
.    ds 8 ss
.    ds o a
.    ds d- d\h'-1'\(ga
.    ds D- D\h'-1'\(hy
.    ds th \o'bp'
.    ds Th \o'LP'
.    ds ae ae
.    ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "RR::NSEC3 3pm"
.TH RR::NSEC3 3pm "2010-03-12" "perl v5.12.4" "User Contributed Perl Documentation"
.\" For nroff, turn off justification.  Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
Net::DNS::RR::NSEC3 \- DNS NSEC3 resource record
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\f(CW\*(C`use Net::DNS::RR;\*(C'\fR
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Class for \s-1DNS\s0 Address (\s-1NSEC3\s0) resource records.
.PP
The \s-1NSEC3\s0 Resource Record (\s-1RR\s0) provides authenticated denial of
existence for \s-1DNS\s0 Resource Record Sets.  The \s-1NSEC3\s0 \s-1RR\s0 lists \s-1RR\s0 types
present at the \s-1NSEC3\s0 \s-1RR\s0's original ownername.  It includes the next
hashed ownername in the hash order of the zone.  The complete set of
\&\s-1NSEC3\s0 RRs in a zone indicates which RRsets exist for the original
ownername of the RRset and form a chain of hashed ownernames in the
zone.
.SH "METHODS"
.IX Header "METHODS"
.SS "ownername"
.IX Subsection "ownername"
Returns the hashed value of the original owner name as contained in the first
label of the ownername of the record.
.PP
.Vb 2
\&   The owner name for the NSEC3 RR is the base32 encoding of the hashed
\&   owner name prepended as a single label to the name of the zone.
.Ve
.PP
In other words the name(name) method returns the result of the
\&\fIownername()\fR method prepended to the name of the containing zone.
.SS "optout"
.IX Subsection "optout"
Reads and sets the opt-out attribute.
.SS "flags"
.IX Subsection "flags"
Reads and sets the flag field.
.SS "hashalgo"
.IX Subsection "hashalgo"
Reads and sets the hashalgo (hash algorithm) attribute.
.SS "hnxtname"
.IX Subsection "hnxtname"
Reads and sets the hnxtname (hashed next ownername) attribute.
.SS "typelist  (inhereted from \s-1NSEC\s0)"
.IX Subsection "typelist  (inhereted from NSEC)"
.Vb 1
\&    print "typelist" = ", $rr\->typelist, "\en";
.Ve
.PP
Returns a string with the list of qtypes for which data exists for
this particular label.
.SS "typebm  (inhereted from \s-1NSEC\s0)"
.IX Subsection "typebm  (inhereted from NSEC)"
.Vb 1
\&    print "typebm" = " unpack("B*", $rr\->typebm), "\en";
.Ve
.PP
Same as the typelist but now in a representation  bitmap as in 
specified in the \s-1RFC\s0. This is not the kind of method you will need
on daily basis.
.SS "covered, matched"
.IX Subsection "covered, matched"
.Vb 1
\&    print "covered" if $rr\->covered{\*(Aqexample.foo\*(Aq}
.Ve
.PP
covered returns a nonzero value when the the domain name provided as argument
is covered as defined in the \s-1NSEC3\s0 specification:
.PP
.Vb 5
\&   To cover:  An NSEC3 RR is said to "cover" a name if the hash of the
\&      name or "next closer" name falls between the owner name and the
\&      next hashed owner name of the NSEC3.  In other words, if it proves
\&      the nonexistence of the name, either directly or by proving the
\&      nonexistence of an ancestor of the name.
.Ve
.PP
Similarly ismatched returns a nonzero value when the domainname in the argument
matches as defined in the \s-1NSEC3\s0 specification:
.PP
.Vb 3
\&   To match: An NSEC3 RR is said to "match" a name if the owner name
\&      of the NSEC3 RR is the same as the hashed owner name of that
\&      name.
.Ve
.SH "Functions"
.IX Header "Functions"
.SS "name2hash"
.IX Subsection "name2hash"
Takes the hash identifyer (numeric), a fullyqualfied domain name, the
number of iterations and a binary salt to compute the hash value used
in the \s-1NSEC3\s0 calculations.
.PP
.Vb 4
\&    $hashalg=Net::DNS::SEC\->digtype("SHA1");
\&    $salt=pack("H*","aabbccdd");
\&    $iterations=12;
\&    $name="*.x.w.example";
\&
\&    $hashedname= Net::DNS::RR::NSEC3::name2hash($hashalg,$name,$iterations,$salt);
\&    print $hashedname;
\&results in:
\&    92pqneegtaue7pjatc3l3qnk738c6v5m
.Ve
.PP
Normally the salt and itterations would be fetched from an \s-1NSEC3PARAM\s0 record.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright (c) 2007, 2008  NLnet Labs.  Author Olaf M. Kolkman <olaf@net\-dns.org>
.PP
All Rights Reserved
.PP
Permission to use, copy, modify, and distribute this software and its
documentation for any purpose and without fee is hereby granted,
provided that the above copyright notice appear in all copies and that
both that copyright notice and this permission notice appear in
supporting documentation, and that the name of the author not be
used in advertising or publicity pertaining to distribution of the
software without specific, written prior permission.
.PP
\&\s-1THE\s0 \s-1AUTHOR\s0 \s-1DISCLAIMS\s0 \s-1ALL\s0 \s-1WARRANTIES\s0 \s-1WITH\s0 \s-1REGARD\s0 \s-1TO\s0 \s-1THIS\s0 \s-1SOFTWARE\s0, \s-1INCLUDING\s0
\&\s-1ALL\s0 \s-1IMPLIED\s0 \s-1WARRANTIES\s0 \s-1OF\s0 \s-1MERCHANTABILITY\s0 \s-1AND\s0 \s-1FITNESS\s0; \s-1IN\s0 \s-1NO\s0 \s-1EVENT\s0 \s-1SHALL\s0
\&\s-1AUTHOR\s0 \s-1BE\s0 \s-1LIABLE\s0 \s-1FOR\s0 \s-1ANY\s0 \s-1SPECIAL\s0, \s-1INDIRECT\s0 \s-1OR\s0 \s-1CONSEQUENTIAL\s0 \s-1DAMAGES\s0 \s-1OR\s0 \s-1ANY\s0
\&\s-1DAMAGES\s0 \s-1WHATSOEVER\s0 \s-1RESULTING\s0 \s-1FROM\s0 \s-1LOSS\s0 \s-1OF\s0 \s-1USE\s0, \s-1DATA\s0 \s-1OR\s0 \s-1PROFITS\s0, \s-1WHETHER\s0 \s-1IN\s0
\&\s-1AN\s0 \s-1ACTION\s0 \s-1OF\s0 \s-1CONTRACT\s0, \s-1NEGLIGENCE\s0 \s-1OR\s0 \s-1OTHER\s0 \s-1TORTIOUS\s0 \s-1ACTION\s0, \s-1ARISING\s0 \s-1OUT\s0 \s-1OF\s0
\&\s-1OR\s0 \s-1IN\s0 \s-1CONNECTION\s0 \s-1WITH\s0 \s-1THE\s0 \s-1USE\s0 \s-1OR\s0 \s-1PERFORMANCE\s0 \s-1OF\s0 \s-1THIS\s0 \s-1SOFTWARE\s0.
.PP
Based on, and contains, code by Copyright (c) 1997 Michael Fuhr.
.PP
Acknowledgements to Roy Arends who made a test version for this class
and whose code I've looked at before writing this module.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
http://www.net\-dns.org/ <http://www.net-dns.org/> 
http://www.iana.org/assignments/dnssec\-nsec3\-parameters <http://www.iana.org/assignments/dnssec-nsec3-parameters>
Net::DNS::RR::NSEC3PARAM,
\&\fIperl\fR\|(1), Net::DNS, Net::DNS::Resolver, Net::DNS::Packet,
Net::DNS::Header, Net::DNS::Question, Net::DNS::RR,
\&\s-1RFC4033\s0, \s-1RFC4034\s0, \s-1RFC4035\s0, \s-1RFC5155\s0