On 09.07.2013 16:49, Klaus Darilion wrote:
On 08.07.2013 17:53, Joe Abley wrote:
Hi Klaus,
On 2013-07-08, at 09:13, Klaus Darilion
<klaus.mailingli...@pernau.at> wrote:
I want to sign a certain zone multiple times: 1x the original zone
+ 1x a modified "backup" zone (change SOA serial and maybe some
other records)
CIRA's signing infrastructure with .CA provides some experience for a
somewhat similar setup. CIRA uses OpenDNSSEC to manage the key
policy, and the identities of the keys required to make signature are
extracted from the live policy in order to do their parallel signing
with BIND9 (they sign with multiple signers and compare the results
before publication).
So, they sign with ods-signer and additionally with the bind signing
tools? Or do they use only the bind signing tools?
Answering myself: Yes, bind+ODS
https://wiki.opendnssec.org/display/USERDOCREF/OpenDNSSEC+Deployment+-+CIRA
_______________________________________________
Opendnssec-user mailing list
Opendnssec-user@lists.opendnssec.org
https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
