-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 2013-02-05 at 17:01 -0800, Augie Schwer wrote: > Is there a way to exclude a domain from DNSSEC validation, like > Unbound's "domain-insecure"?
I have not tested this, but if you use RPZ to block the DS record for nasa.gov, that should turn it into an insecure zone. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (GNU/Linux) iEYEARECAAYFAlERvVsACgkQL6j7milTFsHTwwCfQ9uLJOAxBozthy3b9VHtu7rc j7sAnipnnL8GmL3VrGdg/Tiko0ZZ9/ih =xJ3x -----END PGP SIGNATURE----- _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
