FORMERR responses after upgrading resolver from 9.16 to 9.18.8
Sandro
lists at penguinpee.nl
Sun Oct 23 07:26:20 UTC 2022
On 23-10-2022 01:18, Crist Clark wrote:
> On Sat, Oct 22, 2022 at 3:20 PM Sandro <lists at penguinpee.nl> wrote:
> [snip]
>
>
>> Doing favors for the better good does not seem to be in their
>> dictionary. Look at DNSSEC.
>>
>
> Do you mean signing their domains or their public resolver services?
I was referring to signing their own zones.
> https://developers.google.com/speed/public-dns/faq
> Does Google Public DNS support the DNSSEC protocol?
>
> Google Public DNS is a validating, security-aware resolver. All responses
> from DNSSEC signed zones are validated unless clients explicitly set the CD
> flag in DNS requests to disable the validation.
>
> https://developers.cloudflare.com/1.1.1.1/faq/#how-does-1111-work-with-dnssec
> How does 1.1.1.1 work with DNSSEC?
>
> 1.1.1.1 is a DNSSEC validating resolver. 1.1.1.1 sends the DO (DNSSEC OK)
> bit on every query to convey to the authoritative server that it wishes to
> receive signed answers if available. 1.1.1.1 supports the signature
> algorithms specified in Supported DNSKEY signature algorithms
> <https://developers.cloudflare.com/1.1.1.1/encryption/dnskey/>.
>
More information about the bind-users
mailing list