In message <camclrkgpqt+klgfhh+9yztjhke+-9uy9_d9vgejefjbbefb...@mail.gmail.com> , Mark Boolootian writes: > I'm interested in knowing if it is standard practice amongst folks to > sign .arpa zones. Is there a compelling use case for signing reverse > zones?
All zones should be signed. For structured zones like these NSEC3 is pointless. With a signed reverse zone can be leveraged to provide cryptographic secure communication to a ip. > Thoughts appreciated, > mark > _______________________________________________ > dns-operations mailing list > [email protected] > https://lists.dns-oarc.net/mailman/listinfo/dns-operations > dns-jobs mailing list > https://lists.dns-oarc.net/mailman/listinfo/dns-jobs -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: [email protected] _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
