Hi, > NSEC3PARM is not supposed to be present in a unsigned zone. rndc doesn't > add them to the zone. It tells the signing component to generate a NSEC3 > chain and when that is complete to add the NSEC3PARAM record. Nothing says so in the specs: http://tools.ietf.org/html/rfc5155#section-4
You just add complexity by having the user enter the same information twice and possibly failing to do it right. Cheers, Wolfgang _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
