DNSSEC validation works with DLV, but not with just trusted-key
hanno at hboeck.de
Wed Nov 25 15:37:04 UTC 2009
Am Mittwoch 25 November 2009 schrieb Alan Clegg:
> There is no DS record for dnssec-tools.org in .org (chain of trust is
> broken), so you can't validate the response -- thus the data being
> passed back to you.
Ok, that explains it.
Are there any example domains with known-broken dnssec records with a full
Hanno Böck Blog: http://www.hboeck.de/
GPG: 3DBD3B20 Jabber/Mail: hanno at hboeck.de
http://schokokeks.org - professional webhosting
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 198 bytes
Desc: This is a digitally signed message part.
More information about the bind-users