In article <mailman.1763.1385483027.20661.bind-us...@lists.isc.org>, Agustín Dixan Díaz Corrales <agustin.di...@esilt.azcuba.cu> wrote:
> El 26/11/13 11:09, /dev/rob0 escribió: > > On Tue, Nov 26, 2013 at 09:38:44AM -0500, Agustín Dixan Díaz Corrales wrote: > >> solved! > > > > No, not solved ... > > > >> dnssec-enable no; > >> dnssec-validation no; > > > > ... That's a workaround, not a solution. If you read up on the > > reasons for DNSSEC, you'll understand that you have fixed this > > problem by opening yourself up to other ones. > > > > Granted, DNSSEC usage involves a bit of pain these days, but I'm > > hanging in there and continuing to validate. The only concession I > > made was "dnssec-accept-expired yes;" > > > copy that, it a tested the last "solution" but the cost is > security...thanks agains.. It's like solving the problem of the Check Engine light on your dashboard by putting black tape over the light. -- Barry Margolin Arlington, MA
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
