dig query
Alan Clegg
aclegg at isc.org
Wed Jan 6 15:13:58 UTC 2010
Tony Finch wrote:
> The AD flag is meaningless in a query. In a response it tells you whether
> the server is authoritative or not. It has nothing to do with DNSSEC.
AD bit is authenticated data. AA bit is authoritative answer.
AD has everything to do with DNSSEC.
AA has nothing to do with DNSSEC except that you'll ever get AD and AA
set at the same time since Authoritative servers never validate their
own responses.
AlanC
More information about the bind-users
mailing list