ad flag for RRSIG queries
Marco Davids (SIDN)
marco.davids at sidn.nl
Tue Jul 13 22:07:37 UTC 2010
On 07/13/10 23:58, Doug Barton wrote:
>> Can anyone explain to me why the 'ad'-flag is set for this query?
>>
>> dig +dnssec -t RRSIG www.forfunsec.org
>
> I'm using 9.7.1-P1 with dlv and I'm not seeing the AD flag on that. What
> version of BIND are you using?
>
Hi Doug,
I use BIND 9.7.0rc1, configured to work with the IANA testbed.
dig +dnssec rrsig www.forfunsec.org @149.20.64.20
has the AD flag too, though. It run's BIND 9.6.1-P2. (DNS-OARC
validating resolvers),
The other one, 149.20.64.21, doesn't have it (Unbound)
Regards
--
Marco
More information about the bind-users
mailing list