Re: Dig 9.9.1 AD-bit
On 3 Aug 2012, at 02:25, Marco Davids (SIDN) marco.dav...@sidn.nl wrote: Dig 9.9.1 is setting the AD-bit in queries by default. Does anyone know why? It means I want the results of DNSSEC validation but not all the RRSIG and NSEC records I would get from DO=1. Tony. -- f.anthony.n.finch d...@dotat.at http://dotat.at/ ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Dig 9.9.1 AD-bit
Hi, Dig 9.9.1 is setting the AD-bit in queries by default. Does anyone know why? Took me a while to figure out, among other things because Wireshark has a little bug that prevents the AD-bit being shown in queries. (reported as bug 2472 and 7555 on https://bugs.wireshark.org/bugzilla/) Thanks. Regards, -- Marco ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Dig 9.9.1 AD-bit
On Thu, 2 Aug 2012, Marco Davids (SIDN) wrote: Dig 9.9.1 is setting the AD-bit in queries by default. Does anyone know why? 3205. [func] Upgrade dig's defaults to better reflect modern nameserver behaviour. Enable dig +adflag and dig +edns=0 by default. Enable +dnssec when running dig +trace. [RT #23497] Took me a while to figure out, among other things because Wireshark has a little bug that prevents the AD-bit being shown in queries. (reported as bug 2472 and 7555 on https://bugs.wireshark.org/bugzilla/) ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users