testing validation
Alan Batie
alan at peak.org
Wed Apr 18 18:58:18 UTC 2012
On 4/18/12 11:48 AM, Spain, Dr. Jeffry A. wrote:
>> Isn't the "DS for the zone: ." what the "managed-keys" clause provides?
>> Though putting it back in didn't make the warning go away, so I must be missing something else here...
>
> Any difference with dnssec-validation auto and removing the managed-keys and root hint zone? Jeff.
No; I did turn on auto and removed the managed-keys and hint, noticed
the warning and tried turning validation back to yes with the
managed-keys, but that didn't change the warning. dig still reports
successful validation even with the warning though...
# dig @localhost +dnssec raindrop.us
; <<>> DiG 9.9.0 <<>> @localhost +dnssec raindrop.us
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1578
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
...
More information about the bind-users
mailing list