message is bogus, non secure rrset with Unbound as local caching resolver
Havard Eidnes
he at uninett.no
Thu Mar 3 11:08:28 UTC 2016
>> > Following the "not a bug" response from the BIND maintainers
>> > yesterday evening, can you please point to chapter and verse
>> > mandating this behaviour for non-authoritative recursive
>> > resolvers?
>>
>> RFC4035 3.2.3 for validators, all RRsets in answer and authority
>> sections should be authentic ...
>>
>> https://tools.ietf.org/html/rfc4035#section-3.2.3
>
> That's about setting the ad bit. Was it set in this response?
Nope AD=1 was not set in the response, and I would guess that is
as expected, since CD=1 was set in the query.
Regards,
- Håvard
More information about the Unbound-users
mailing list