[Unbound-users] Insisting on DNSSEC

Tony Finch dot at dotat.at
Mon Jan 13 17:27:00 UTC 2014


Rick van Rein <rick at openfortress.nl> wrote:
>
> I *think* I am asking for something new — namely, to insist on presence
> of DNSSEC and proper validation on it.  In other words, to be able to
> neglect anything that is not properly signed.

Not that new - look at BIND's dnssec-must-be-secure option.

Tony.
-- 
f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/
Forties, Cromarty: East, veering southeast, 4 or 5, occasionally 6 at first.
Rough, becoming slight or moderate. Showers, rain at first. Moderate or good,
occasionally poor at first.


More information about the Unbound-users mailing list