AW: Disable DNSSEC Validation for selected Domains

Warren Kumari warren at kumari.net
Wed Jan 14 23:06:12 UTC 2015


NSEC.
W

On Wed, Jan 14, 2015 at 5:12 PM, Stuart Browne
<Stuart.Browne at bomboratech.com.au> wrote:
>> Unfortunately we can't sign the fictional TLD, since we are neither master
>> nor slave of the zone.
>> We are just forwarding our queries to a foreign authorative Server.
>>
>> Grüße,
>> Stefan
>
> If the zone isn't signed, it shouldn't be trying to validate it as there's nothing to validate.  Unless this fictional TLD now has a real delegated counter-part?
>
> Stuart
>
>> _______________________________________________
>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
>> unsubscribe from this list
>>
>> bind-users mailing list
>> bind-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users



-- 
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf


More information about the bind-users mailing list