Validating zones as a slave?
Lars-Johan Liman
liman at netnod.se
Wed Sep 16 12:44:14 UTC 2015
each at isc.org:
>>> (It has other benefits as well; you don't get spurious AA bits
>>> in your client responses.)
Lars-Johan Liman <liman at netnod.se> wrote:
>> Why are AA bits in client responses a negative thing?
dot at dotat.at:
> Some DNS users (e.g. ssh looking up SSHFP records) can be configured to
> trust the AD bit, but you don't get an AD bit if your recursive server is
> authoritative for a zone.
Whoops. Slowly. That is actually not the answer to the question I asked
but the answer to a different question that you jumped ahead to. :-) But
let's take them one by one:
Evan inferred that (spurious) *AA* bits are considered harmful by
clients. I ask why. :-)
Cheers,
/Liman
More information about the bind-workers
mailing list