[Unbound-users] Strange validation errors for proofs of non-existence in .com, .net, .org TLD (is it due to NSEC3 opt-out or I am missing some trust anchor?)

[Blacka, David]

On Jan 2, 2013, at 12:31 PM, Ondrej Mikle <ondrej.mikle at nic.cz> wrote:

> Does anyone know since when do the com/net/org NSEC3s have the opt-out bit set?

Not speaking for org, but com and net have had the opt-out bit set the entire time they have been signed.

--
David Blacka                          <davidb at verisign.com> 
Principal               Verisign Infrastructure Engineering