unbound API and authenticated data
George Thessalonikefs
george at nlnetlabs.nl
Wed Jul 15 15:03:35 UTC 2020
Hi Anthony,
It is not clear to me by your text but:
- If unbound receives the AD, it means that the upstream *signals* that
it has verified the query response. Unbound will not trust this and
will always do validation (unless not configured).
- If unbound sets the AD, unbound itself has verified the response.
I can't give one answer for the other values because it depends on the
response.
Information for the values you asked can be found in your local man page
for libunbound or online at
https://www.nlnetlabs.nl/documentation/unbound/libunbound/ for the
latest version.
Best regards,
-- George
On 14/07/2020 20:20, Modster, Anthony via Unbound-users wrote:
> Does anyone have the information below ?
>
>
>
> *From:* Modster, Anthony
> *Sent:* Wednesday, July 8, 2020 11:53 AM
> *To:* Modster, Anthony via Unbound-users <unbound-users at lists.nlnetlabs.nl>
> *Subject:* unbound API and authenticated data
>
>
>
> Hello
>
>
>
> We are using unbound API for DNSSEC resolve.
>
>
>
> If the Authenticated Data (AD) flag is received and is set to “not
> validated” 0.
>
> What would be the states of the following flags:
>
> * havedata
> * secure
> * bogus
>
>
>
> Thanks
>
>
>
More information about the Unbound-users
mailing list