Sparklight and DNSSEC
sthaug at nethelp.no
sthaug at nethelp.no
Mon Sep 26 07:15:34 UTC 2022
> Please allow me to correct this:
>
> named.conf statement 'dnssec-enabled yes;' allows forwarding DNSSEC
> signatures (and other metadata) without validating them.
Slight problem here: My 9.18.5 named doesn't know about dnssec-enabled:
Sep 26 09:00:51 xxx named[38797]: /usr/local/etc/namedb/named.conf:18: unknown option 'dnssec-enabled'
A bit of searching makes it look like dnssec-enable is what we want,
but:
Sep 26 09:08:21 xxx named[38797]: /usr/local/etc/namedb/named.conf:18: option 'dnssec-enable' no longer exists
What am I missing here?
Steinar Haug, Nethelp consulting, sthaug at nethelp.no
More information about the bind-users
mailing list