[Unbound-users] Insisting on DNSSEC
Joe Abley
jabley at hopcount.ca
Mon Jan 13 14:32:10 UTC 2014
On 2014-01-11, at 17:16, Anand Buddhdev <anandb at ripe.net> wrote:
> On 11/01/2014 23:00, Rick van Rein wrote:
>
>> Am I correct that Unbound cannot require DNSSEC validation for its
>> resolution?
>
> Not sure what you are asking here.
I think the question is whether it's possible to configure an unbound validator to treat verifiably insecure data the same as bogus data when deciding how to respond to a query from a client.
The answer to that question seems to be no.
Joe
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 203 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20140113/fe3390e7/attachment.bin>
More information about the Unbound-users
mailing list