What is the point of enabling the "Use DNSSEC" option?

When "Use DNSSEC" is enabled, I see there are different tags on queries:


Most of them are INSECURE for my case so I am wondering if the option just tags them yet still allows them. If that is true, what does enabling it achieve functionally? Wouldn't you want "bad" ones (is that what BOGUS means) to get dropped?

It is normal (now) for most queries to show INSECURE, which indicates they don't have a DNSSEC record installed.

TY for the link. Is there a way to drop BOGUS ones? Seems like they would be bad and should not be allowed.

BOGUS responses don't return an IP address. There's no information that you can get from them. That's why you use DNSSEC.

1 Like

My bad then. I thought the corresponding webpage opened despite this.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.