-----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Miek Gieben Sent: Saturday, February 18, 2012 12:42 AM To: [email protected] Subject: Re: A few conceptual question about dnssec. [ Quoting < <mailto:[email protected]> [email protected]> at 00:36 on Feb 18 in "RE: A few conceptual..." ] > Firstly, where do we get the public key for the DS records? > > Can you clarify your question??? > > > > Second, why do I get multiple DS records as response? – > > You will always get a 2 DS Records in response. One for SHA-1 and > second for SHA-256. That completely depends on what is configured in the zone. But I think it is recommended that you should always put 2 DS Records in your zone file corresponding to each child zone. One for SHA1 and second for SHA256. That’s why we always get 2 DS Records from ROOT Server pointing to TLDs. Perhaps this will help: <http://nlnetlabs.nl/publications/dnssec_howto/> http://nlnetlabs.nl/publications/dnssec_howto/ grtz Miek
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users
