On 2009-12-10 08:49, Niobos wrote:
Thank you very much for your help; I'll forward the conversation to the
bug-tracking list.
Since these are my first DNSSEC experiments, I just wanted to make sure that it
wasn't a problem with my understanding of the concept.
Niobos
This has been confi
Thank you very much for your help; I'll forward the conversation to the
bug-tracking list.
Since these are my first DNSSEC experiments, I just wanted to make sure that it
wasn't a problem with my understanding of the concept.
Niobos
On 10 Dec 2009, at 00:59, Hauke Lampe wrote:
> The signatures
[I finally gave up on trying to get Thunderbird *not* to wrap long
lines. Prefixing them with ">" seems to be the only way, even if confusing]
Niobos wrote:
>>> dig +dnssec removed.dnssec.dest-unreach.be
>> Even though I have added your DNSKEY as trusted key, I get SERVFAIL on
>> the first query
>> Could you try this lookup?
>> dig +dnssec removed.dnssec.dest-unreach.be
>
> I see now what you mean.
>
> Even though I have added your DNSKEY as trusted key, I get SERVFAIL on
> the first query and NXDOMAIN on the second, without BIND doing any
> additional outgoing queries.
This is the same
Niobos wrote:
> As soon as I activate DLV (besides the manual SEP I entered), the "removed"
> behaviour changes:
> * First lookup still returns SERVFAIL
> * Subsequent lookups now return NXDOMAIN with the AD flag *set*! (log
> confirms that my domain is not in the DLV and hence is insecure)
Tha
On 08 Dec 2009, at 15:18, Hauke Lampe wrote:
> Niobos wrote:
>
>> When requesting a lookup of "removed", I get a SERVFAIL as well. However,
>> every subsequent request for "removed" gets an NXDOMAIN. (dig outputs below)
>> Flushing the caches on the RR with "rndc flush" causes the first request t
Niobos wrote:
> When requesting a lookup of "removed", I get a SERVFAIL as well. However,
> every subsequent request for "removed" gets an NXDOMAIN. (dig outputs below)
> Flushing the caches on the RR with "rndc flush" causes the first request to
> be a SERVFAIL again.
I cannot reproduce this b
7 matches
Mail list logo
