Viktor Dukhovni <[email protected]> wrote: > > I think it requires EDNS0,
The AD bit is in the message header not the OPT pseudo-RR, so syntactically it doesn't require EDNS0. BIND works OK (try dig +qr +noedns). However the spec is silent on this matter. http://tools.ietf.org/html/rfc6840#page-10 Also I think it is arguable that RFC 4035 says servers should set the AD flag in the response regardless of whether the client indicates it is security-aware. But implementations do not do that. Tony. -- f.anthony.n.finch <[email protected]> http://dotat.at/ Lundy, Fastnet, Irish Sea: South veering west 6 to gale 8, occasionally severe gale 9 at first. Rough or very rough, occasionally high in Fastnet. Showers, rain for a time. Good, occasionally poor. _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
