[nsd-users] do bit
miek at miek.nl
Tue Sep 20 08:27:32 UTC 2011
[ Quoting Matthijs Mekking at 10:21 on September 20 in "Re: [nsd-users] do bit"... ]
> Hi Miek,
> You are hitting something old. From the REQUIREMENTS of NSD:
> + If the DNSSEC OK bit (DO bit) is set then the query will be
> processed as a DNSSEC request. Although RFC3225 does not
> explicitly specify this NSD clears the DO bit in the answer.
> This has been in there since version 1.0.1 :)
no way! :)
> I believe that the scope RFC3255 is explicit for resolvers, and RFC 4034
> is not clear about it what an authoritative server should do.
ah, okay. I was put off guard by this line in 3225.
The DO bit of the query MUST be copied in the response.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 198 bytes
Desc: Digital signature
More information about the nsd-users