Does anyone have DNSSEC problem with uscg.mil
David Newman
dnewman at networktest.com
Thu Nov 14 23:21:25 UTC 2013
On 11/14/13 1:29 PM, Kevin Oberman wrote:
> Don't forget that Google will white-list domains with known (by them)
> broken DNSSEC and reply even though validation is broken, so using
> 8.8.8.8 for checking on whether validation is broken is not the best idea.
Really? Google sets the ad flag for known non-authenticated data?
Or are you saying Google will respond to any +dnssec query but without
the ad flag if that domain's configuration is broken? Or something else?
Thanks
dn
More information about the bind-users
mailing list