by tptacek 2724 days ago
I'm not sure this works the way you say it works. NSEC records are provided by authority servers; they're a way for the delegated owner of "." to say that there aren't zones between .PCCW and .PE. They work because they have chained signatures. A recursive server can't generate NSEC records for the DNS root, and, obviously, wouldn't have to; any DNS server, DNSSEC or not, can accomplish what you're talking about with a simple "if" statement.
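The "nothing between .PCCW and .PE" statement in the comment above, as an added example that is not part of the original comment: a resolver-side check of whether a name falls in the gap an NSEC record denies, using RFC 4034 canonical ordering. The function names and the second chain entry are constructed for illustration, labels with escaped dots are not handled, and RRSIG validation of the record (the part that makes the denial trustworthy) is assumed to have happened already.

```python
# Added illustration; names here are hypothetical, not from any DNS library.

def canonical_key(name):
    """RFC 4034 section 6.1 sort key: labels right to left, lowercased bytes."""
    labels = [l for l in name.rstrip(".").split(".") if l]
    return [l.lower().encode("ascii") for l in reversed(labels)]


def is_below(qkey, okey):
    """True if qkey is a strict subdomain of okey."""
    return len(qkey) > len(okey) and qkey[:len(okey)] == okey


def nsec_covers(owner, next_name, qname, apex=".", owner_is_delegation=True):
    """True if the NSEC (owner -> next_name) proves qname is absent from the zone.

    Assumes the NSEC's signature has already been validated up to a trust anchor.
    """
    o, n, q = canonical_key(owner), canonical_key(next_name), canonical_key(qname)
    # Names under a delegation belong to the child zone, so the parent's
    # NSEC says nothing about them (every TLD in the root is a delegation).
    if owner_is_delegation and is_below(q, o):
        return False
    if n == canonical_key(apex):
        # Last record in the chain: "next" wraps around to the zone apex.
        return o < q
    return o < q < n


def find_denial(chain, qname):
    """Return the (owner, next) pair that covers qname, or None."""
    for owner, next_name in chain:
        if nsec_covers(owner, next_name, qname):
            return (owner, next_name)
    return None


# First pair is the gap named in the comment; the second is constructed
# to show the wrap-around at the end of the chain.
CHAIN = [("pccw.", "pe."), ("zzz.", ".")]

if __name__ == "__main__":
    for q in ("pd.", "PD", "www.pd.", "pe.", "www.pccw.", "com."):
        print(q, find_denial(CHAIN, q))
```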