Re: How do I get from IANA's root-anchors.xml to managed-keys{}?

2010-07-17 Thread Kalman Feher
My earlier post described altering the format and included the file that anchors2keys would work with. Kal Feher On 17/07/2010, at 23:46, "Stephane Bortzmeyer" wrote: On Fri, Jul 16, 2010 at 01:57:05PM +, ALAIN AINA wrote a message of 20 lines which said: https://itar.iana.org/i

Re: manage managed-keys?

2010-07-17 Thread Evan Hunt
> How do you manage "managed-keys"? Is there a way to ask bind which key > (for a given zone) is actually in use? Or is there a possibility to get > rid of a trust anchor that found its way into managed-keys.bind (short > of stopping bind and editing managed-keys.bind)? BIND 9.7.2 will introduce a

Re: root-anchor.xml & anchors.xml in Bind

2010-07-17 Thread Doug Barton
On Sat, 17 Jul 2010, Stephane Bortzmeyer wrote: On Sat, Jul 17, 2010 at 01:36:05PM -0700, Doug Barton wrote a message of 24 lines which said: *if* the zone manager follows RFC 5011 (which, as far as I know, the root does not use yet). How could it, when this is the first key deployed? :)

Re: recursing stop at about 1000 clients

2010-07-17 Thread Noel Butler
On Fri, 2010-07-16 at 08:41 +, Kebba Foon wrote: > am running 9.6-ESV-R1 on Debian 5.0 lenny > You might need to ensure your operating system can handle more than 1024 file descriptors as it sounds like it is not, but the logs should reflect this, this could be your problem, if it's not, th

Re: manage managed-keys?

2010-07-17 Thread Stephane Bortzmeyer
On Sat, Jul 17, 2010 at 10:36:39PM +0200, Gilles Massen wrote a message of 21 lines which said: > Is there a way to ask bind which key (for a given zone) is actually > in use? In the log? 23-Oct-2009 10:55:10.169 zone managed-keys.bind/IN/_meta: Initializing automatic trust anchor management

Re: How do I get from IANA's root-anchors.xml to managed-keys{}?

2010-07-17 Thread Stephane Bortzmeyer
On Fri, Jul 16, 2010 at 01:57:05PM +, ALAIN AINA wrote a message of 20 lines which said: > https://itar.iana.org/instructions/ It does not work, it was only for ITAR and the published Trust Anchor uses a different format: % ./anchors2keys -v root-anchors.xml No DNSKEYs found, quitting T

Re: root-anchor.xml & anchors.xml in Bind

2010-07-17 Thread Stephane Bortzmeyer
On Sat, Jul 17, 2010 at 01:36:05PM -0700, Doug Barton wrote a message of 24 lines which said: >> *if* the zone manager follows >> RFC 5011 (which, as far as I know, the root does not use >> yet). > > How could it, when this is the first key deployed? :) OK, let's rephrase it: as far as I know

manage managed-keys?

2010-07-17 Thread Gilles Massen
Hello, How do you manage "managed-keys"? Is there a way to ask bind which key (for a given zone) is actually in use? Or is there a possibility to get rid of a trust anchor that found its way into managed-keys.bind (short of stopping bind and editing managed-keys.bind)? Best, Gilles -- Fondatio

Re: root-anchor.xml & anchors.xml in Bind

2010-07-17 Thread Doug Barton
On Sat, 17 Jul 2010, Stephane Bortzmeyer wrote: On Sat, Jul 17, 2010 at 08:49:04AM -0500, Lyle Giese wrote a message of 30 lines which said: What is the difference between managed-keys and trusted-keys? managed-keys are automatically updated *if* the zone manager follows RFC 5011 (which, as

Re: zone syntax question

2010-07-17 Thread Doug Barton
On Wed, 14 Jul 2010, Lyle Giese wrote: I would replace example.com in the SOA with @ I generally recommend against doing this unless you are explicitly planning to use the same zone file with multiple zones. There is no advantage to using @ in a one-zone file, and unnecessary obfuscation is

Re: root-anchor.xml & anchors.xml in Bind

2010-07-17 Thread Evan Hunt
> Then why was anchors2keys written to create only trusted-keys?? My guess is because managed-keys was only introduced in BIND 9.7, and they wanted to be able to support 9.6 as well. > It doesn't look hard to modify the script, but there appears to be > subtle differences in syntax between the t

Re: root-anchor.xml & anchors.xml in Bind

2010-07-17 Thread Lyle Giese
Alan Clegg wrote: > On 7/17/2010 9:49 AM, Lyle Giese wrote: > > >> What is the difference between managed-keys and trusted-keys? >> > > Managed keys automatically watch for RFC-5011 "roll over" and update > when new keys are made available. Trusted keys are manually managed and > will cau

Re: root-anchor.xml & anchors.xml in Bind

2010-07-17 Thread Alan Clegg
On 7/17/2010 9:49 AM, Lyle Giese wrote: > What is the difference between managed-keys and trusted-keys? Managed keys automatically watch for RFC-5011 "roll over" and update when new keys are made available. Trusted keys are manually managed and will cause you to have problems if you forget to c

Re: root-anchor.xml & anchors.xml in Bind

2010-07-17 Thread David Forrest
On Sat, 17 Jul 2010, Lyle Giese wrote: OK I am confused a bit. Can someone shed just a bit of light on this for me? (This is such a new topic not much is available in searches yet) IANA put out anchors2keys Python script and I have that working. If I include the resulting files into named.co

Re: root-anchor.xml & anchors.xml in Bind

2010-07-17 Thread Stephane Bortzmeyer
On Sat, Jul 17, 2010 at 08:49:04AM -0500, Lyle Giese wrote a message of 30 lines which said: > What is the difference between managed-keys and trusted-keys? managed-keys are automatically updated *if* the zone manager follows RFC 5011 (which, as far as I know, the root does not use yet). tru

root-anchor.xml & anchors.xml in Bind

2010-07-17 Thread Lyle Giese
OK I am confused a bit. Can someone shed just a bit of light on this for me? (This is such a new topic not much is available in searches yet) IANA put out anchors2keys Python script and I have that working. If I include the resulting files into named.conf as an include, named (9.7.1-P2) loads up