[Dnssec-deployment] DLV - it's not just for hostnames.

David Conrad drc at virtualized.org
Tue Jun 14 12:26:17 EDT 2011


Michael,

On Jun 14, 2011, at 8:47 AM, Michael Graff wrote:
> And people know those things before they add DLV to their resolver,

Do they? Did a quick Google search for "default bind configuration dlv". I don't see any reference to what DLV implies in (e.g.,) http://fedoraproject.org/wiki/Features/DNSSEC.  I'd also note that Redhat Enterprise Linux 6 states:  "In a default installation, BIND is installed with DNSSEC validation enabled, and uses the ISC DLV register." with no discussion.

> so what's the problem?

DLV is a kludge workaround to avoid having to properly support DNSSEC.

Regards,
-drc



More information about the Dnssec-deployment mailing list