DNSKEY dynamic update: unexpected change 9.6.0-P1 -> 9.6.1
Evan Hunt
each at isc.org
Wed Jul 8 21:20:29 UTC 2009
> Is there any reason these flags should not be set by default?
Yes, there is: the code as written uses the NSEC3PARAM record in a
way that, debatably, could be an RFC violation. We're planning to
correct this, and turn the feature on by default in 9.7.0. (I can't
promise, but it may make it into the next alpha release.)
> Also the private type record seems to have changed from 65535 to
> 65534 but this hasn't been updated in NSEC3-NOTES.
Thank you for pointing that out.
--
Evan Hunt -- each at isc.org
Internet Systems Consortium, Inc.
More information about the bind-users
mailing list