> Is there any reason these flags should not be set by default? Yes, there is: the code as written uses the NSEC3PARAM record in a way that, debatably, could be an RFC violation. We're planning to correct this, and turn the feature on by default in 9.7.0. (I can't promise, but it may make it into the next alpha release.)
> Also the private type record seems to have changed from 65535 to > 65534 but this hasn't been updated in NSEC3-NOTES. Thank you for pointing that out. -- Evan Hunt -- e...@isc.org Internet Systems Consortium, Inc. _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
