Joe Baptista wrote:
> ORG and GOV and quite a lot of the ccTLD's are "DNSSEC compatible", so I
> don't actually think it'd be much of a horserace if compatibility is all
> you're looking for.
>
>
> I agree they are both DNSSEC compatible but .GOV has only deployed
> DNSSEC in 20% of
Nicholas Wheeler wrote:
> On Tue, 2010-02-23 at 23:40 +0300, Eugene Crosser wrote:
>> (Well, for now the plan is to do it once a year by hand. Then, we'll see...)
>
> For the record, NIST recommends to roll the ZSK every three months, and
> the KSK every two years.
Let
Stephane Bortzmeyer wrote:
> There is nothing about key rollover, it seems? How do you handle it?
I don't.
(Well, for now the plan is to do it once a year by hand. Then, we'll see...)
Regards,
Eugene
signature.asc
Description: OpenPGP digital signature
__
Daniel Morgan wrote:
> On Mon, 2010-02-22 at 08:00 +, Evan Hunt wrote:
>>> This completed just fine - but what I can't find is any details on how
>>> to physically install it after building. I'm used to things like 'make
>>> install', but I don't want to blindly run random commands that may cau
> HOW TO CONFIGURE AUTO-SIGNED DYNAMIC ZONES WITH BIND9
>
> This document describes how to configure bind9 to
> automatically sign zones as they are being modified
> by dynamic update mechanism.
Reviewed version placed here: http://www.average.org/dnssec/
Eugene
Please comment!
Eugene
===
HOW TO CONFIGURE AUTO-SIGNED DYNAMIC ZONES WITH BIND9
This document describes how to configure bind9 to
automatically sign zones as they are being modified
by dynamic update mechanism. It is assumed that
you already know how
Mark Andrews wrote:
>> I would like to make dynamic zone automatically signed.
> Firstly upgrade to BIND 9.6.0 or later as it supports re-signing
[etc]
Thanks Mark!
With your directions, I got the system airborne in no time.
Do you think there is an appropriate place somewhere for a small
one-
Hello everyone, I am new here.
I am running a manually signed zone (average.org) for my domain for some
time now. I also have a separate subdomain zone (dyn.average.org) that
allows dynamic updates, and that is currently not signed. Bind version
is 9.5.1. (debian stable).
I would like to make dyn
8 matches
Mail list logo
