Am 18.01.2012 um 23:54 schrieb Evan Hunt: >> I tried the example from page 23 with a local zone, a trusted key and >> inline-signing, like: >> [...] >> But I'm getting no ad-flag: > > That's normal; authoritative servers don't set the AD bit, validating > resolvers do. (There's not much point in having an authoritative server > validate its own answers.) Can dig tell me, if the sigs are valid, if I provide my trusted key? Or do I need a 2nd (validating) ns?
Axel --- PGP-Key:29E99DD6 ☀ +49 151 2300 9283 ☀ computing @ chaos claudius _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users