On 8/1/22 11:51 AM, John W. Blue via bind-users wrote:
However, the intent of the thread is to talk about the lack of an AD flag from a non-public internal authoritative server. Based upon what I am seeing only the AA flag is set.
There are multiple reasons to sign zones. The existence of the AD flag is only one of them.
IM(NS)HO, the lack of an AD flag from an authoritative server is not in and of itself a reason to not sign zones; internal or otherwise.
-- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
-- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
