Hi Mark,
On 24-11-2022 13:44, Mark Elkins via bind-users wrote:
OK - so I read RFC7344... Automating DNSSEC Delegation Trust Maintenance
There are two interesting paragraphs.
_/5. CDS/CDNSKEY Publication/_/
//
// The Child DNS Operator publishes CDS/CDNSKEY RRset(s). In order to//
//
OK - so I read RFC7344... Automating DNSSEC Delegation Trust Maintenance
There are two interesting paragraphs.
_/5. CDS/CDNSKEY Publication/_/
//
// The Child DNS Operator publishes CDS/CDNSKEY RRset(s). In order to//
// be valid, the CDS/CDNSKEY RRset(s) MUST be compliant with the
:-) Will let you know in a year!
ps - please, please keep the CDS's in the child zone - reflecting the
current KSK's! (etc)
On 2022/11/24 09:50, Matthijs Mekking wrote:
Hi,
I think this should work with some caveats.
First, If you migrate to dnssec-policy (that is the zone is already
On Wed 23/Nov/2022 16:54:56 +0100 Niall O'Reilly wrote:
With "APT-Sources: http://ppa.launchpad.net/isc/bind/ubuntu focal/main amd64
Packages",
the file /usr/share/doc/bind9/README.Debian recommends:
Zones subject to automatic updates (such as via DHCP and/or nsupdate) should be
stored in
4 matches
Mail list logo
