Op 22-06-11 12:33, Volker Janzen schreef: > Hi, > > okay, but when I want a complete automation of the roll-over process, > I'd need something around OpenDNSSEC that manages: > > - send DNSKEY data that is supplied by OpenDNSSEC to registrar
For my environment I've decided that I don't want this step to be automated. From a security point of view I think its a good idea to have a human manage the uploading of keys. Secondly, fixing a wrong/broken KSK seems rather involving and time consuming, I'd prefer to make sure this never happens. (Thirdly, as far as I know there is no standarized way for uploading keys. My parent expects the keys to be mailed). -- Casper Gielen <[email protected]> | LIS UNIX PGP fingerprint = 16BD 2C9F 8156 C242 F981 63B8 2214 083C F80E 4AF7 Universiteit van Tilburg | Postbus 90153, 5000 LE Warandelaan 2 | Telefoon 013 466 4100 | G 236 | http://www.uvt.nl
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
