Hi Leo,
Late reply! Sorry. Have been neglecting this folder.
On 2010-07-16, at 16:53, Leo Bicknell wrote:
In a message written on Fri, Jul 16, 2010 at 02:35:39PM +, Joe Abley
wrote:
The transition from Deliberately-Unvalidatable Root Zone (DURZ) to
production signed root zone took
On Fri, 16 Jul 2010, Jeffrey Ollie wrote:
The ITAR anchors.xml and anchors2keys use a different XML schema than
the root-anchors.xml does.
*sigh*
Tony.
--
f.anthony.n.finch d...@dotat.at http://dotat.at/
NORTHWEST FITZROY SOLE: SOUTHWESTERLY 5 OR 6, DECREASING 3 OR 4 LATER.
MODERATE OR
Root Zone DNSSEC Deployment
Technical Status Update 2010-07-16
This is the twelfth of a series of technical status updates intended
to inform a technical audience on progress in signing the root zone
of the DNS.
RESOURCES
Details of the project, including documentation published to date,
can
In a message written on Fri, Jul 16, 2010 at 02:35:39PM +, Joe Abley wrote:
The transition from Deliberately-Unvalidatable Root Zone (DURZ) to
production signed root zone took place on 2010-07-15 at 2050 UTC. The
first full production signed root zone had SOA serial 2010071501. There
have
Wonderful news!
Leo Bicknell wrote:
Perhaps you could explain why the keys are being made available in
formats that, as far as I can tell, no nameserver software on the
planet uses? Pretty much 100% of the users will need a conversion
from one of the 6 formats you provided, when you could have provided
6
Once upon a time, Leo Bicknell bickn...@ufp.org said:
Perhaps you could explain why the keys are being made available in
formats that, as far as I can tell, no nameserver software on the
planet uses? Pretty much 100% of the users will need a conversion
from one of the 6 formats you provided,
At 7:53 -0700 7/16/10, Leo Bicknell wrote:
Perhaps you could explain why the keys are being made available in
formats that, as far as I can tell, no nameserver software on the
planet uses?
(My guess:)
There's no standard input format for name servers, especially
regarding configuration
On Fri, 16 Jul 2010, Chris Adams wrote:
A simple XSLT will transform it into any needed format.
XSLT can't turn root-anchors.xml into the DNSKEY RR that BIND requires.
Tony.
--
f.anthony.n.finch d...@dotat.at http://dotat.at/
TYNE DOGGER FISHER: SOUTHERLY VEERING WESTERLY 5 TO 7, DECREASING
On 7/16/10 11:07 AM, Tony Finch wrote:
On Fri, 16 Jul 2010, Chris Adams wrote:
A simple XSLT will transform it into any needed format.
XSLT can't turn root-anchors.xml into the DNSKEY RR that BIND requires.
Tony.
anchors2keys will.
Once upon a time, Tony Finch d...@dotat.at said:
On Fri, 16 Jul 2010, Chris Adams wrote:
A simple XSLT will transform it into any needed format.
XSLT can't turn root-anchors.xml into the DNSKEY RR that BIND requires.
That sounds like a problem with BIND then. :-)
--
Chris Adams
On Fri, Jul 16, 2010 at 1:12 PM, Joel Jaeggli joe...@bogus.com wrote:
On 7/16/10 11:07 AM, Tony Finch wrote:
On Fri, 16 Jul 2010, Chris Adams wrote:
A simple XSLT will transform it into any needed format.
XSLT can't turn root-anchors.xml into the DNSKEY RR that BIND requires.
anchors2keys
Yeah oops.
Just noticed that
Joel's iPad
On Jul 16, 2010, at 5:34 PM, Jeffrey Ollie j...@ocjtech.us wrote:
On Fri, Jul 16, 2010 at 1:12 PM, Joel Jaeggli joe...@bogus.com wrote:
On 7/16/10 11:07 AM, Tony Finch wrote:
On Fri, 16 Jul 2010, Chris Adams wrote:
A simple XSLT will transform
Root Zone DNSSEC Deployment
Technical Status Update 2010-07-14
This is the eleventh of a series of technical status updates intended
to inform a technical audience on progress in signing the root zone
of the DNS.
RESOURCES
Details of the project, including documentation published to date,
can
Root Zone DNSSEC Deployment
Technical Status Update 2010-07-10
This is the tenth of a series of technical status updates intended
to inform a technical audience on progress in signing the root zone
of the DNS.
RESOURCES
Details of the project, including documentation published to date,
can
Root Zone DNSSEC Deployment
Technical Status Update 2010-06-18
This is the ninth of a series of technical status updates intended
to inform a technical audience on progress in signing the root zone
of the DNS.
RESOURCES
Details of the project, including documentation published to date,
can
Root Zone DNSSEC Deployment
Technical Status Update 2010-06-09
This is the eighth of a series of technical status updates intended
to inform a technical audience on progress in signing the root zone
of the DNS.
RESOURCES
Details of the project, including documentation published to date,
can
===
On Wed, May 5, 2010 at 2:23 PM, Joe Abley joe.ab...@icann.org wrote:
Root Zone DNSSEC Deployment
Technical Status Update 2010-05-05
This is the sixth of a series of technical status updates intended
to inform a technical audience on progress in signing the root zone
On Thu, 20 May 2010 08:33:47 PDT, itservices88 said:
I am having this problem now:
# dnssec-signzone -N INCREMENT mydomain.org
Verifying the zone using the following algorithms: RSASHA1.
Missing RSASHA1 signature for . NSEC
Missing trust anchor?
pgpG65C3ZegOp.pgp
Description: PGP
I have these in named.conf
dnssec-enable yes;
dnssec-validation yes;
// dnssec-lookaside . trust-anchor DLV.ISC.ORG;
With the trust-anchor uncommented, as soon as i enable and reload bind, dig
gives timeout, while dig has no issues with first two commands enabled.
-dani
On
Is there any specific dnssec mailing list, which might be more helpful.
Thanks
-dani
On Thu, May 20, 2010 at 8:53 AM, valdis.kletni...@vt.edu wrote:
On Thu, 20 May 2010 08:33:47 PDT, itservices88 said:
I am having this problem now:
# dnssec-signzone -N INCREMENT mydomain.org
Verifying
On Thu, 20 May 2010 09:19:44 PDT, itservices88 said:
Is there any specific dnssec mailing list, which might be more helpful.
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
(Unless I've fat-fingered it and it's elsewhere?)
pgp8YgFVEOAym.pgp
Description: PGP signature
On 2010-05-20, at 12:18, itservices88 wrote:
I have these in named.conf
dnssec-enable yes;
dnssec-validation yes;
// dnssec-lookaside . trust-anchor DLV.ISC.ORG;
With the trust-anchor uncommented, as soon as i enable and reload bind, dig
gives timeout, while dig has no
Is there any specific dnssec mailing list, which might be more helpful.
DNSSEC Deployment dnssec-deploym...@dnssec-deployment.org
http://www.dnssec-deployment.org/
steve
Root Zone DNSSEC Deployment
Technical Status Update 2010-05-17
This is the seventh of a series of technical status updates intended
to inform a technical audience on progress in signing the root zone
of the DNS.
CHANGE IN DEPLOYMENT SCHEDULE
The date for the publication of the root zone trust
...@icann.org wrote:
Root Zone DNSSEC Deployment
Technical Status Update 2010-05-05
This is the sixth of a series of technical status updates intended
to inform a technical audience on progress in signing the root zone
of the DNS.
** The final transition to a signed root zone took place
;; Query time: 11 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun May 16 11:02:43 2010
;; MSG SIZE rcvd: 641
===
On Wed, May 5, 2010 at 2:23 PM, Joe Abley joe.ab...@icann.org wrote:
Root Zone DNSSEC Deployment
Technical Status
:43 2010
;; MSG SIZE rcvd: 641
===
On Wed, May 5, 2010 at 2:23 PM, Joe Abley joe.ab...@icann.org wrote:
Root Zone DNSSEC Deployment
Technical Status Update 2010-05-05
This is the sixth of a series of technical status
Root Zone DNSSEC Deployment
Technical Status Update 2010-05-05
This is the sixth of a series of technical status updates intended
to inform a technical audience on progress in signing the root zone
of the DNS.
** The final transition to a signed root zone took place today
** on J-Root
This is the fourth of a series of technical status updates intended
to inform a technical audience on progress in signing the root zone
of the DNS.
RESOURCES
Details of the project, including documentation published to date,
can be found at http://www.root-dnssec.org/.
We'd like to hear from
30 matches
Mail list logo