Hello fellow dnsmasq users, there is a topic on the IPFire support forums I would like to point you to:
http://forum.ipfire.org/index.php?topic=11726.0 It appears that dnsmasq cannot verify resource records of a DNSSEC-enabled domain. That domain uses RSA/SHA1-NSEC3-SHA1 for its signatures. Although there is some code in dnsmasq that is supposed to handle this, it does not verify the records correctly. Did anyone else experience this problem? Is it a bug with dnsmasq or the authoritative name servers of that domain? Best, -Michael
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
