On 29.07.18 17:12, Nicola Tiling wrote: > > "Publish the CDS records: pdnsutil set-publish-cds example.com, these records > will tell the parent zone to update its DS records. Now wait for the DS > records to be updated in the parent zone." >
For CDS/CDNSKEY rollovers the parent zone has to support RFC8078 ( https://tools.ietf.org/html/rfc8078 ) . Currently, .cz is the the only TLD supporting this mechanism. Other TLDs working on it. To add/update DS records for a domain in the .net zone you'll have to update it manually through your registrar's interface. > If I publish the DS keys for a .net domain, will there be two DS hashes in > the .net root zone after the TTL from 86400 runs off? And after that I can > switch active/inactive keys? Or should the DS be immediately be found on > a.gtld-servers.net? Or what should happen? After adding the new DS it will eventually be published(I don't know how often .net is reloaded) and both DS records will be visible after DS TTL has expired. Best regards Oli _______________________________________________ Pdns-users mailing list [email protected] https://mailman.powerdns.com/mailman/listinfo/pdns-users
