Query on Resolver(9.2.3) w.r.t to DNSSEC
Gany
ganiee at rediffmail.com
Tue Nov 23 06:33:32 UTC 2004
Hi ,
Iam currently working on porting DNS BIND 4.8 to DNS BIND
9.2.3. I have a specific query regarding the role of resolver library
in DNSSEC.
Query:
======
Does DNS BIND 9.2.3 support caching and verification of RRs (resourse
records)
on the resolver library part by default?
We are trying to port 4.8 resolver code to 9.2.3 resolver code. Since
Our platfrom doesn't support OPenssl, we are trying to lookout for
this option. we wanted to know, whether by default any authentication
is enabled at the resolver part in BIND 9.2.3.
We understand that RFC2535 states CD and AD bit. If CD bit is set,
then resolver doesn't do auth and integrity tests. Is this CD bit
disabled or enabled in BIND 9.2.3?
To reiterate the whole question again, we wanted to know the role of
resolver with respect to DNSSEC in BIND 9.2.3!
Since, we are pretty new to DNSSEC, we need your valuable inputs on
the above query.
regards,
Ganesh.
More information about the bind-users
mailing list