ISC DLV dnssec

R Dicaire kritek at
Mon Apr 6 00:43:56 UTC 2009

On Sun, Apr 5, 2009 at 7:02 PM, Evan Hunt <Evan_Hunt at> wrote:

> vigilant; this particular failure won't occur again.  And we were already
> in the process of making substantially more robust, so
> hopefully any similar breakages that might have come along in the future
> will be stopped before they happen.

But what about contingencies for continued dns resolution when an
unintended break in the chain of trust occurs?

> I expect this to influence future BIND development too (for example,
> dnssec-signzone will probably be learning to print a few more warning
> messages when it sees legal-but-weird input.)

This too is excellent, and I'd hope fixes be backported to 9.4 and 9.5
releases as well.

Thanks Paul for the response, very helpful and informative!
And kudos to the DLV folks for the service!

aRDy Music and Rick Dicaire present:

More information about the bind-users mailing list