DNSSEC ISSUE (Msg: Request is not signed)
Curt Sampson
cjs at cynic.net
Tue Jul 17 08:03:42 UTC 2007
On Mon, 16 Jul 2007, Mark Andrews wrote:
>> I'm curious as to why this is set up this way, though. Wouldn't it make
>> sense that authoratative servers, when loading or fetching the zone
>> file, validate the data when loaded and then return responses with the
>> AD bit set?
>
> Try that with a very large zone :-)
Ah. Good point.
Actually, my main interest is just in make sure that my zones are valid
before I load them into my server. (I.e., they got from the place where
I sign them out to my servers without damage.) Is there a tool kicking
around that validates them?
cjs
--
Curt Sampson <cjs at cynic.net> +81 90 7737 2974
http://www.starling-software.com
The power of accurate observation is commonly called cynicism
by those who have not got it. --George Bernard Shaw
More information about the bind-users
mailing list