Re: bind 9.8.2 "no valid signature found"

Jim Garrison via bind-users wrote: > > Looking at the traffic with Wireshark, I see the RRSIG uses > ECDSA Curve P-256 with SHA-256. Should bind 9.8.2 be able to > recognize that algorithm or is a newer version of bind needed? The CHANGES file on the 9.8 branch says

bind 9.8.2 "no valid signature found"

Running CentOS 6.8 with bind-9.8.2-0.47.rc1.el6_8.4.x86_64 I'm getting lots of log messages of the form Jan 25 22:11:55 janus named[10123]: validating @0x7f51084b6450: cloudflare.com A: no valid signature found CloudFlare's DNSSEC seems to be OK according to