Page 1 of 1

NSEC3 not working in the clientarea

Posted: 03 Nov 2018, 22:54
by bady
Hello,

when I activate the Setting "Use NSEC3 instead of the default NSEC." and the client activate DNSSec in the clientarea, the zone use NSEC and not NSEC3. When I activate DNSsec in the Adminarea it use NSEC3.
Is the a seperate setting for NSEC3 in the clientarea or is this a bug?

I am using Version 3.18.006

Re: NSEC3 not working in the clientarea

Posted: 04 Nov 2018, 12:57
by Daniel
Thank you for your post. I have looked into the issue your experience and found the NSEC3 processing is missing. For this reason I have added an enhancement request for this recently added feature.

During zone creation the NSEC3 parameter is applied but when an admin manually enables DNSsec, NSEC3 won’t be applied since the admin has the option to enable/disable NSEC3 per zone.

When it comes to clients we don’t want the same behaviour as in the admin area. Therefore it should use the system default instead. Definitely an enhancement which should be made!