[Dnsmasq-discuss] DNSSEC: Answer for local hosts with AD flag set?
jpmens.dns at gmail.com
Wed Sep 30 21:12:53 BST 2015
> Anyway I'd like to be able to mark answers for local hosts within the
> local network as validated. Is there an option to enable this?
I hope not because it would be a lie; that zone has not been signed and
thus cannot be validated. Indicating Authentic Data would be a lie.
My curiousity forces me to ask you: why would you want dnsmasq to do
that? It's very simple nowadays to set up an authoritative DNSSEC-aware
signer. Isn't that the solution you're actually looking for?
More information about the Dnsmasq-discuss