Evan Hunt wrote:
>
> KSK rollovers are still trickier since they require interaction with
> your parent zone. I hope to get support for CDS/CDNSKEY signaling into
> dnssec-keymgr, but whether that ultimately will be useful or not depends
> on whether domain registrars make use of it.
Even if your
On Tue, Mar 13, 2018 at 12:30:57PM -0400, Jim Popovitch via bind-users wrote:
> Is there a roadmap for DNSSEC signing capabilities? I'm specifically
> wondering if any features are planned to fully automate signing, such
> as being able to specify simple zone options like "dnssec-cycle=90d;"
> an
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hello,
Is there a roadmap for DNSSEC signing capabilities? I'm specifically
wondering if any features are planned to fully automate signing, such
as being able to specify simple zone options like "dnssec-cycle=90d;"
and having bind9 fully manage t
Mark Andrews wrote:
> While it will speed up things slightly it won’t avoid the issue as TTLs
> vary.
Oh, duh, I should have thought of that. Thanks for pointing it out :-)
Tony.
--
f.anthony.n.finchhttp://dotat.at/ - I xn--zr8h punycode
Fisher, German Bight: Variable, becoming southeast
On Tue, Mar 13, 2018 at 10:52:50AM +0100,
Carsten Strotmann wrote
a message of 19 lines which said:
> is automatic DNSSEC Delegation Trust Maintenance (RFC 7344/8078)
> already support at the TLD level somewhere? I know it is implemented
> in BIND 9.11+ and Knot, but can it be used in the real
Hi,
is automatic DNSSEC Delegation Trust Maintenance (RFC 7344/8078) already
support at the TLD level somewhere? I know it is implemented in BIND
9.11+ and Knot, but can it be used in the real Internet :)
I searched the usual places but cannot find any information indicating
support at TLD level.
6 matches
Mail list logo