On 8/16/09, John Marshall <john.marsh...@riverwillow.com.au> wrote: > > I'm new at DNSSEC. This server is the first one we have configured. > I have the following in the global configuration options: > > dnssec-enable yes; > dnssec-validation yes; > dnssec-lookaside . trust-anchor dlv.isc.org.;
my recommendation is dnssec-enable no; dnssec-validation no; // dnssec-lookaside . trust-anchor dlv.isc.org.; that should fix the problem. then lobby the bind bunnies at isc to incorporate dnscurve into bind. dnscurve is the future of dns security. dnssec is just a bad joke best avoided at all costs. cheers joe baptista -- Joe Baptista www.publicroot.org PublicRoot Consortium ---------------------------------------------------------------- The future of the Internet is Open, Transparent, Inclusive, Representative & Accountable to the Internet community @large. ---------------------------------------------------------------- Office: +1 (360) 526-6077 (extension 052) Fax: +1 (509) 479-0084 Personal: www.joebaptista.wordpress.com
_______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users