In message <20101209220716.ga2...@fantomas.sk>, Matus UHLAR - fantomas writes: > Hello, > > pardon my ignorance if this has been discussed (haven't notice), but > if BIND is configured to automatically sign dynamic zones, does it > distribute DS records to parent zones somehow? and if not, what are ways to > do that?
This is IETF dnsext/dnsop fodder. The simple way would be to just record a TSIG key in the child zones config to update the parent zone and use signed UPDATE messages. Unfortunately this has run into layer 9 issues. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
