In message <[email protected]>, Matus UHLAR - fantomas writes: > Hello, > > pardon my ignorance if this has been discussed (haven't notice), but > if BIND is configured to automatically sign dynamic zones, does it > distribute DS records to parent zones somehow? and if not, what are ways to > do that?
This is IETF dnsext/dnsop fodder. The simple way would be to just record a TSIG key in the child zones config to update the parent zone and use signed UPDATE messages. Unfortunately this has run into layer 9 issues. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: [email protected] _______________________________________________ bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users
