DNSSEC ISSUE (Msg: Request is not signed)

Curt Sampson cjs at cynic.net
Tue Jul 17 08:03:42 UTC 2007

On Mon, 16 Jul 2007, Mark Andrews wrote:

>> I'm curious as to why this is set up this way, though. Wouldn't it make
>> sense that authoratative servers, when loading or fetching the zone
>> file, validate the data when loaded and then return responses with the
>> AD bit set?
> 	Try that with a very large zone :-)

Ah. Good point.

Actually, my main interest is just in make sure that my zones are valid
before I load them into my server. (I.e., they got from the place where
I sign them out to my servers without damage.) Is there a tool kicking
around that validates them?

Curt Sampson         <cjs at cynic.net>         +81 90 7737 2974
The power of accurate observation is commonly called cynicism
by those who have not got it.    --George Bernard Shaw

More information about the bind-users mailing list