Tony Finch wrote: > The AD flag is meaningless in a query. In a response it tells you whether > the server is authoritative or not. It has nothing to do with DNSSEC.
AD bit is authenticated data. AA bit is authoritative answer. AD has everything to do with DNSSEC. AA has nothing to do with DNSSEC except that you'll ever get AD and AA set at the same time since Authoritative servers never validate their own responses. AlanC _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users