Comment 2 for bug 2027797

Seth Arnold (seth-arnold) wrote :

Thanks for the report; it's my understanding that "real" DNSSEC deployments at sites that care will do all the DNSSEC enforcement with a local recursor because the application APIs are immature / underspecified / etc.

Such centralization also makes it far easier for the DNS operations team to work around misconfigured DNSSEC systems in the wild by setting Negative Trust Anchors on portions of the DNS tree (as described at https://doc.powerdns.com/recursor/dnssec.html#negative-trust-anchors ) when necessary.

Thanks