refactor: always probe DNSKEY regardless of parent DS presence

Move the "skip DNSKEY when no parent DS" decision out of Collect and into the rules, so the prober stays a pure observer. The dnskeyQueryRule and dnskeyMatchesDSRule already return StatusUnknown when no parent DS is present.
2026-05-16 13:18:25 +08:00 · 2026-05-16 13:18:25 +08:00 · 3366cebf7d
commit 3366cebf7d
parent 7e8faa7169
1 changed files with 6 additions and 16 deletions
--- a/checker/collect.go
+++ b/checker/collect.go
@ -142,15 +142,6 @@ func (p *delegationProvider) Collect(ctx context.Context, opts sdk.CheckerOption
 				av.ChildGlueAddrs = addrsAt
 			}

-			// DNSKEY is only useful when there's a parent DS to match against.
-			parentHasDS := false
-			for _, pv := range data.ParentViews {
-				if len(pv.DS) > 0 {
-					parentHasDS = true
-					break
-				}
-			}
-			if parentHasDS {
 			keys, kerr := queryDNSKEY(ctx, srv, delegatedFQDN)
 			if kerr != nil {
 				av.DNSKEYError = kerr.Error()
@ -159,7 +150,6 @@ func (p *delegationProvider) Collect(ctx context.Context, opts sdk.CheckerOption
 					av.DNSKEYs = append(av.DNSKEYs, NewDNSKEYRecord(k))
 				}
 			}
-			}

 			child.Addresses = append(child.Addresses, av)
 		}