Re: named stops resolving anything -- dnssec issue

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 04/05/2009 12:04 PM, Chuck Anderson wrote:
Because DNSSEC is still in it's infancy w.r.t. production deployment
on the Internet.  The powers that be still haven't signed the root
zone, and most TLD zones aren't signed either.  So we have to live
with the hack known as DLV for now, and there isn't much robustness in
that service yet.
Then Fedora shouldn't be shipping bind RPMs that turn DNSSEC validation on, should it? Or perhaps dnssec-must-be-secure can be used in named.conf to configure in such a way that named tries DNSSEC validation but allows the query to proceed (with an error message logged) even if it fails?

  jik

--
fedora-test-list mailing list
fedora-test-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-test-list

[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux