[dns-operations] DNSSEC impact on applications was Re: security-aware stub resolver
Mark_Andrews at isc.org
Mon May 26 00:22:25 UTC 2008
> * Edward Lewis wrote:
> > A SERVFAIL return from bad DNSSEC
> This behavior is not longer default for i.e. bind. Now only the AD bit will
> not be set if validation fails.
It is "BIND" not "bind" as "BIND" is a acronym.
Unless you have set CD in the query, you will only get SERVFAIL
on validation failures.
> dns-operations mailing list
> dns-operations at lists.oarci.net
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the dns-operations