> From: Ralph Dolmans via Unbound-users <unbound-users@unbound.net>
>> - Aggressive use of NSEC is not so transparent to me.
>>   unsure, what I really may expect here. Under which conditions is this 
>> active?
> When this option is enabled Unbound will try to use cached NSEC records
> to generate an NXDOMAIN, NODATA or wildcard answer. See RFC8198.

Thanks very much for implementing RFC 8198.

One comment is that there is no documentation about "aggressive-nsec: yes"
in server secton. (default no)

# I read it from util/config_file.c .

Please add documentations about aggressive-nsec.

Kazunori Fujiwara / fujiw...@jprs.co.jp

Reply via email to