Vernon Schryver <[email protected]> wrote: > > How does a secondary authoritative DNS server fail to support DNSSEC?
A security-aware authoritative server has to support: * EDNS0 and DO * RRSIG records alongside the RRsets they cover in responses * Special logic for DS in parent zones * NSEC or NSEC3 in negative and wildcard responses Tony. -- f.anthony.n.finch <[email protected]> http://dotat.at/ Forties, Cromarty: East, veering southeast, 4 or 5, occasionally 6 at first. Rough, becoming slight or moderate. Showers, rain at first. Moderate or good, occasionally poor at first. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users
