You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I mentioned this in hsd and hnsd as well. Unbound has two variables in the result secure and bogus.
In all cases, if the answer is bogus we should return servfail.
If the answer is secure add the Authenticated Data (AD) bit.
If the answer is not secure set the Authenticated Data (AD) bit to false.
bogus indicates a security failure which means that the result shouldn't be trusted. This allows us to do authenticated denial of existence.
One thing that's nice to have but not necessary is that if the CD bit is set (checking disabled) in the question we probably shouldn't do anything about this and return the bogus result (but it's not really a big deal since they will get servfail from the validating resolver anyway).
The text was updated successfully, but these errors were encountered:
I mentioned this in hsd and hnsd as well. Unbound has two variables in the result secure and bogus.
bogus indicates a security failure which means that the result shouldn't be trusted. This allows us to do authenticated denial of existence.
One thing that's nice to have but not necessary is that if the CD bit is set (checking disabled) in the question we probably shouldn't do anything about this and return the bogus result (but it's not really a big deal since they will get servfail from the validating resolver anyway).
The text was updated successfully, but these errors were encountered: