BIND 9.8.0b1 Released Today

Paul Wouters paul at
Mon Jan 24 14:54:34 UTC 2011

On Sat, 22 Jan 2011, JINMEI Tatuya / 神明達哉 wrote:

>>>> Does this work with DNSSEC if one loads an explicit trust anchor, even
>>>> if in the "world view" the trust anchor is missing?
>>> I'm afraid I don't understand the question.  Could you be more
>>> specific, e.g., by using the above example?
>> I think Paul is wondering if it works with the DENIC testbed. 8-)
>> The forward hack does not work reliable for DNSSEC islands, IIRC.
> (I still don't understand what exactly "it works with the DENIC
> testbed" means in the context of the original question of Paul, but)
> If so, I believe the answer is yes.  static-stub was developed
> specifically for that purpose (although the feature itself is generic
> and would be useful for other purposes) :-)

I meant, if you have a zone example.tld. And tld. is not signed, but
you have a testbed for a signed tld. at IP, if static-stub
would allow you to configure a resolving bind to perform DNSSEC on with a loaded trusted-key. So yes, the "de" (or "ca") testbed


More information about the bind-users mailing list