Re: Stop of logging of No Valid Signature Found

2013-02-25 Thread Robert Moskowitz
On 02/25/2013 09:36 PM, Mark Andrews wrote: In message <512c18eb.2050...@htt-consult.com>, Robert Moskowitz writes: On 02/25/2013 08:38 PM, Mark Andrews wrote: In message <512c1009.4060...@htt-consult.com>, Robert Moskowitz writes: dnssec-enable yes; dnssec-validation yes; digg

Re: Stop of logging of No Valid Signature Found

2013-02-25 Thread Mark Andrews
In message <512c18eb.2050...@htt-consult.com>, Robert Moskowitz writes: > > On 02/25/2013 08:38 PM, Mark Andrews wrote: > > In message <512c1009.4060...@htt-consult.com>, Robert Moskowitz writes: > >> dnssec-enable yes; > >> dnssec-validation yes; > digging back in the ar

Re: Stop of logging of No Valid Signature Found

2013-02-25 Thread Robert Moskowitz
On 02/25/2013 08:38 PM, Mark Andrews wrote: In message <512c1009.4060...@htt-consult.com>, Robert Moskowitz writes: dnssec-enable yes; dnssec-validation yes; digging back in the archive here, I find out this should be dnssec-validation auto; Actually it can be either. It'

Re: Stop of logging of No Valid Signature Found

2013-02-25 Thread Mark Andrews
In message <512c1009.4060...@htt-consult.com>, Robert Moskowitz writes: > dnssec-enable yes; > dnssec-validation yes; > >> digging back in the archive here, I find out this should be > >> > >> dnssec-validation auto; > > Actually it can be either. It's all a matter of ho

Re: Stop of logging of No Valid Signature Found

2013-02-25 Thread Robert Moskowitz
On 02/25/2013 08:15 PM, Mark Andrews wrote: In message <512c09f5.4040...@htt-consult.com>, Robert Moskowitz writes: On 02/25/2013 03:25 PM, Robert Moskowitz wrote: On 02/25/2013 02:33 PM, Robert Moskowitz wrote: On 02/25/2013 02:00 PM, Casey Deccio wrote: On Mon, Feb 25, 2013 at 5:09 AM, Rob

Re: Stop of logging of No Valid Signature Found

2013-02-25 Thread Mark Andrews
In message <512c09f5.4040...@htt-consult.com>, Robert Moskowitz writes: > On 02/25/2013 03:25 PM, Robert Moskowitz wrote: > > > > On 02/25/2013 02:33 PM, Robert Moskowitz wrote: > >> > >> On 02/25/2013 02:00 PM, Casey Deccio wrote: > >>> On Mon, Feb 25, 2013 at 5:09 AM, Robert Moskowitz > >>> mai

Re: Stop of logging of No Valid Signature Found

2013-02-25 Thread Robert Moskowitz
On 02/25/2013 03:25 PM, Robert Moskowitz wrote: On 02/25/2013 02:33 PM, Robert Moskowitz wrote: On 02/25/2013 02:00 PM, Casey Deccio wrote: On Mon, Feb 25, 2013 at 5:09 AM, Robert Moskowitz mailto:r...@htt-consult.com>> wrote: Yes, I know lots of places don't have DNSSEC signed zones.

Re: Stop of logging of No Valid Signature Found

2013-02-25 Thread Robert Moskowitz
On 02/25/2013 02:33 PM, Robert Moskowitz wrote: On 02/25/2013 02:00 PM, Casey Deccio wrote: On Mon, Feb 25, 2013 at 5:09 AM, Robert Moskowitz mailto:r...@htt-consult.com>> wrote: Yes, I know lots of places don't have DNSSEC signed zones. **I** have not done mine yet, but I turned on

Re: Stop of logging of No Valid Signature Found

2013-02-25 Thread Robert Moskowitz
On 02/25/2013 02:00 PM, Casey Deccio wrote: On Mon, Feb 25, 2013 at 5:09 AM, Robert Moskowitz > wrote: Yes, I know lots of places don't have DNSSEC signed zones. **I** have not done mine yet, but I turned on DNSSEC checking on my server and I am getting

Re: Stop of logging of No Valid Signature Found

2013-02-25 Thread Casey Deccio
On Mon, Feb 25, 2013 at 5:09 AM, Robert Moskowitz wrote: > Yes, I know lots of places don't have DNSSEC signed zones. **I** have not > done mine yet, but I turned on DNSSEC checking on my server and I am > getting all too many messages like: > > validating @0xb4247b50: 117.in-addr.arpa NSEC

Re: Configure error - BIND10, 1.0.0 on Mac OS X 10.8.2

2013-02-25 Thread Shane Kerr
James, On Monday, 2013-02-25 13:56:58 +1100, James Brown wrote: > > On 23/02/2013, at 9:44 AM, JINMEI Tatuya / 神明達哉 > wrote: > > > At Sat, 23 Feb 2013 09:30:55 +1100, > > James Brown wrote: > > > >> Received an error running configure on Mountain Lion: > >> > >> ./configure > >> checking f

Stop of logging of No Valid Signature Found

2013-02-25 Thread Robert Moskowitz
Yes, I know lots of places don't have DNSSEC signed zones. **I** have not done mine yet, but I turned on DNSSEC checking on my server and I am getting all too many messages like: validating @0xb4247b50: 117.in-addr.arpa NSEC: no valid signature found: 1 Time(s) validating @0xb4247

Re: Unwanted resolver usage of /etc/host.conf

2013-02-25 Thread Phil Mayers
I don't believe it is correct to say "unused". Host.conf is still parsed and various directives obeyed. An absent / empty file may well be a sane default, but glibc still reads the file - just "strace" any process doing a name lookup. Fwiw fedora 18 has: multi on ...in the file. > >the host