[ Quoting <gaurav.kan...@nic.in> at 22:53 on Feb 14 in "Query Regarding NSEC..." ] > Dear Team, > > We have a Authenticated Response in DNSSEC through trust chain. > > Now my question is why we itself need a NSEC when we get response from DNSSEC > enabled server authentically. > > > > Means, if a Record exist in DNSSEC, then it replies the answer along with > RRSIG > of that RR. > > AND if domain doesn’t exist, then it can simply give NXDOMAIN and our job will > be done as we trust that nameserver through trust chain. > > So what’s the need of NSEC??????
This is a whitepaper on the subject: https://www.sidn.nl/fileadmin/docs/PDF-files_UK/wp-2011-0x01-v2.pdf grtz Miek
signature.asc
Description: Digital signature
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
