Re: Testing RFC 5011 key roll

Jan-Piet Mens Sat, 18 Apr 2015 00:14:48 -0700

Edward,

the subject of this message piqued my interest ;-)


> 17-Apr-2015 10:17:02.083 starting BIND 9.10.0 -g -c rfc5011.conf

Very ouch. Much pain. Lots frustration. Many hairpulls. Mucho crash. ;)

Upgrade to 9.10.2 [1] in which Evan fixes the CVE we discovered on
RFC5011 rolls and, thankfully, adds comments to BIND's managed-keys.db
in which BIND then tells us nice things, e.g. whether key is trusted,
revoked, etc.

        -JP


[1] https://kb.isc.org/article/AA-01257/0/BIND-9.10.2-Release-Notes.html
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Testing RFC 5011 key roll

Reply via email to