Closed cblanto7 closed 6 years ago
from RFC 4035:
The CD and AD bits are designed for use in communication between security-aware resolvers and security-aware recursive name servers. These bits are for the most part not relevant to query processing by security-aware authoritative name servers.
A security-aware name server does not perform signature validation for authoritative data during query processing, even when the CD bit is clear. A security-aware name server SHOULD clear the CD bit when composing an authoritative response.
doesn't seem like something we will need to implement, as JDNS is authoritative only.
As a developer, I want to know what this AD bit is used for in regards to DNS SEC.