Re: DNSSEC - many doubts

David Alexandre M. de Carvalho wrote: > A few hints and tips... > my named.conf already has the following: > > dnssec-enable yes; You don't need this because it's on by default :-) > dnssec-lookaside auto; You want to remove this because the DNSSEC lookaside validation

Re: DNSSEC - many doubts

> On 2 Apr 2020, at 17:58, Warren Kumari wrote: > > If you are running an older machine and older kernel, the > /dev/random source is blocking Then just use /dev/urandom, both random and urandom are CSPRNG. Ondrej -- Ondřej Surý ond...@isc.org signature.asc Description: Message signed with

Re: DNSSEC - many doubts

On Thu, Apr 2, 2020 at 11:14 AM David Alexandre M. de Carvalho wrote: > > Hello, good afternoon. > My first post in this list :) > > I'm running BIND Chroot for many years (currently version 9.8.2) on some old > hardware running Oracle Linux 6. > I believe it was last year when I was reading

DNSSEC - many doubts

Hello, good afternoon. My first post in this list :) I'm running BIND Chroot for many years (currently version 9.8.2) on some old hardware running Oracle Linux 6. I believe it was last year when I was reading about implementing DNSSEC, and I think I've even tried to generate a keypair in the