[Bug 1500683] Re: By default DNSSEC is enabled with automatic keys
Mike Pontillo
mike.pontillo at canonical.com
Wed Oct 7 23:53:44 UTC 2015
Yes, that seems to be the argument. I would like to understand why it
seems to be that many environments are set up with a forwarder that does
not support DNSSEC. (is this by choice? is it a particular vendor, or
old DNS server which does not forward the queries properly?
misconfigured firewall rules?)
There are three possible values for the BIND dnssec-validation option:
'yes', 'no', and 'auto'.
By saying "enabled with automatic keys", we just mean the default value
of "dnssec-validation auto;" in the BIND configuration file.
See also: http://users.isc.org/~jreed/dnssec-guide/dnssec-guide.html
#dnssec-validation-explained
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to bind9 in Ubuntu.
https://bugs.launchpad.net/bugs/1500683
Title:
By default DNSSEC is enabled with automatic keys
To manage notifications about this bug go to:
https://bugs.launchpad.net/maas/+bug/1500683/+subscriptions
More information about the Ubuntu-server-bugs
mailing list