error (broken trust chain) resolving
Brian J. Murrell
brian at interlinx.bc.ca
Mon Nov 22 13:28:01 UTC 2010
Casey Deccio <casey <at> deccio.net> writes:
>
> After a review of NSEC3 showed that this particular behavior is
> expected because org has been signed using NSEC3 with the opt-out bit
> set.
I'm afraid I'm getting a bit lost due to my real lack of understanding of the
details of DNSSEC. I wish I had the time to really sit down and understand the
concepts in complete detail. :-(
So does the RFC reference just explain why the AD bit (i.e. and not the bigger
problem of the spew of log entries from named) is not set or does that explain
the entire problem I am seeing (namely the continuous log spew from named)?
Cheers,
b.
More information about the bind-users
mailing list