In article <[email protected]>, Mark Andrews <[email protected]> wrote:
> No. It's I've tried real hard to get you a answer which is not a > forgery but I can't. Not really. It's "I've tried real hard to get you an answer that I can *tell* is not a forgery, but I can't." When validation fails, which is really more likely, that it's a forgery or that the DNS administrator screwed up? When website admins mess up certificates, the browser alerts the user and gives them the option of ignoring the error. DNSSEC validation doesn't have the same kind of continuation option. -- Barry Margolin, [email protected] Arlington, MA *** PLEASE don't copy me on replies, I'll read them in the group *** _______________________________________________ bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users
