Maintained by: NLnet Labs

Unbound and DNSSEC - different answers from 1.4.22 and 1.5.6

Aleš Rygl
Wed Nov 25 17:58:26 CET 2015


Hello Casey,

On Wednesday 25 of November 2015 11:08:39 Casey Deccio wrote:
> On Wed, Nov 25, 2015 at 10:19 AM, Aleš Rygl <unbound-users at unbound.net>
> 
> wrote:
> > I am running Unbound 1.4.22 on Debian 7.9 for production and  have also
> > installed  Unbound 1.5.6-1 on Debian 8.2. Both are validating with nearly
> > identical config.
> 
> In the 1.5.5 release, the following default behavior changed:
> 
> - Change default of harden-algo-downgrade to off. This is lenient for
>   algorithm rollover.

You are right of course - just tested. Thanks a lot for your immediate 
response. You really made me happy at the end of the hard day.

With regards
Ales