Hello, There has been talk of a "null" or "pass-through" algorithm for OpenDNSSEC in the past. Switching between signed and unsigned mode would be a matter of changing signing policy, but all zone material would pass through OpenDNSSEC (with possible modifications to SOA serial numbers, I suppose).
I cannot find back in the 1.3.x documentation how this should be setup; has it been incorporated in this version? It would dramatically simplify our setup -- making it more statically configured and less worries about SOA counting. Thanks, -Rick _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
