9.9.0rc1: example from arm 4.8.3 does not validate

Hi all, I tried the example from page 23 with a local zone, a trusted key and inline-signing, like: --- trusted-keys { example.com. 257 3 5 AwEAAd5l859ggW8ZpVAQxEmugl+N/klWH+kFpcoQYGd3ngB6381lva2E IUXa2iOxJPmvYut96zUqhprlUfuEBvhU21Dd8dv7rr3Q5a+UT5XA9fUe

Re: 9.9.0rc1: example from arm 4.8.3 does not validate

I tried the example from page 23 with a local zone, a trusted key and inline-signing, like: [...] But I'm getting no ad-flag: That's normal; authoritative servers don't set the AD bit, validating resolvers do. (There's not much point in having an authoritative server validate its own

RE: 9.9.0rc1: example from arm 4.8.3 does not validate

I tried the example from page 23 with a local zone, a trusted key and inline-signing, ... But I'm getting no ad-flag I think that is expected behavior when you query an authoritative server directly. For example, our authoritative server: dig @ns1.countryday.net countryday.net dnskey +dnssec