The only system i could get this working at the moment was OpenBSD. To enable this i had to provide 'edns0' as an option in resolv.conf[1].
I have attached a PCAP (openbsd.pcap) generated with tcpdump. If you observe it (for instance with Wireshark) you will see that the request for the SSHFP records has the DO bit set in the EDNS0 section of the packet and the response has the AD bit set in the packet header. [1] http://www.mail-archive.com/m...@openbsd.org/msg11176.html ** Attachment added: "Packet trace of working DNSSEC lookup in OpenBSD" http://launchpadlibrarian.net/27818702/openbsd.pcap -- Bind9 (8.04) not returning 'ad' flag when dnssec is enabled https://bugs.launchpad.net/bugs/242956 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
