On 23/10/23 21:04, Marc Baudoin via lpi-examdev wrote:
Fabian Thorns via lpi-examdev <[email protected]> écrit :
This thread is supposed to capture the discussion of the objectives draft
for exam 201-500. The current draft for the new version is available in the
LPI wiki:
The major change proposals can be summarized like this:
Not mentioned because it has not changed, 207.3 Securing a DNS
Server shouldn't insist much on dnssec-keygen and dnssec-signzone
because it's done automatically by newer versions of BIND (since
9.16, released in 2020 and it's important to run a not-so-old
version of BIND). I suggest adding KASP (Key and Signing Policy)
and the dnssec-policy statement to the objectives as they
represent the future whereas dnssec-keygen and dnssec-signzone
represent the past.
I agree, dnssec-keygen and dnssec-signzone are mostly unused today, and
I suggest adding tsig-keygen because current version of dnssec-keygen do
not create anymore TSIG keys.
Simone
--
Simone Piccardi Truelite Srl
[email protected] (email/jabber) Via Monferrato, 6
Tel. +39-347-1032433 50142 Firenze
http://www.truelite.it Tel. +39-055-7879597
_______________________________________________
lpi-examdev mailing list
[email protected]
https://list.lpi.org/mailman/listinfo/lpi-examdev
