[Dnsmasq-discuss] DNSSEC: Answer for local hosts with AD flag set?

Jan-Piet Mens jpmens.dns at gmail.com
Wed Sep 30 21:12:53 BST 2015

> Anyway I'd like to be able to mark answers for local hosts within the
> local network as validated. Is there an option to enable this?

I hope not because it would be a lie; that zone has not been signed and
thus cannot be validated. Indicating Authentic Data would be a lie.

My curiousity forces me to ask you: why would you want dnsmasq to do
that? It's very simple nowadays to set up an authoritative DNSSEC-aware
signer. Isn't that the solution you're actually looking for?


More information about the Dnsmasq-discuss mailing list