Public bug reported: Hi,
it looks like there is an error in the manpage of resolved.conf. Ubuntu 20.04.1 LTS systemd 245.4-4ubuntu3.2 The manpage of resolved.conf says: DNSSEC= ... Defaults to "allow-downgrade" So when I leave the resolved.conf un-edited, the value is [Resolve] ... #DNSSEC=no ... so the default "allow-downgrade" should apply. But instead DNSSEC is not used at all. dig sshfp dnsprivacy.org +dnssec ; <<>> DiG 9.16.1-Ubuntu <<>> sshfp dnsprivacy.org +dnssec ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24171 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 When I set the value hard-coded to "allow-downgrade" [Resolve] ... DNSSEC=allow-downgrade ... the ad flag is shown. dig sshfp dnsprivacy.org +dnssec ; <<>> DiG 9.16.1-Ubuntu <<>> sshfp dnsprivacy.org +dnssec ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41701 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 Best regards Daniel ** Affects: systemd (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1895528 Title: Setting in manpage of resolved.conf does not apply To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1895528/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs