error (no valid DS)
Agustín Dixan Díaz Corrales
agustin.dixan at esilt.azcuba.cu
Tue Nov 26 16:19:20 UTC 2013
El 26/11/13 11:09, /dev/rob0 escribió:
> On Tue, Nov 26, 2013 at 09:38:44AM -0500, Agustín Dixan Díaz Corrales wrote:
>> solved!
>
> No, not solved ...
>
>> dnssec-enable no;
>> dnssec-validation no;
>
> ... That's a workaround, not a solution. If you read up on the
> reasons for DNSSEC, you'll understand that you have fixed this
> problem by opening yourself up to other ones.
>
> Granted, DNSSEC usage involves a bit of pain these days, but I'm
> hanging in there and continuing to validate. The only concession I
> made was "dnssec-accept-expired yes;"
>
copy that, it a tested the last "solution" but the cost is
security...thanks agains..
More information about the bind-users
mailing list