Hi Randy, >> I'm interested in knowing if it is standard practice amongst folks to >> sign .arpa zones. Is there a compelling use case for signing reverse >> zones? > > standard practice? you some kinda control freak?
Learned at the feet of the masters (and thank you :-) > first there is the arguments about whether reverse zones are useful and > should be populated. i happen to use reverse lookup daily, so i try to > maintain them well for all the address space for which i am responsible. We do likewise. > so, given that i am gonna maintain the zone, why would i not want to > also sign the data? the amount of work is trivial, and it's just one > more step in trying to paint security on the horribly insecure internet. I was anticipating more of a beating for my question, but apparently there is an overabundance of politeness here :-) All points taken. mark _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
