Re: BIND-9.16.1 & KASP

Thanks for the reply On 2020/04/14 08:42, Matthijs Mekking wrote: Mark, On 4/13/20 8:54 PM, Evan Hunt wrote: On Mon, Apr 13, 2020 at 02:22:53PM +0200, Mark Elkins wrote: Question - What are the "TYPE65534" records? What are they saying? I am using "DiG 9.16.1" so surprised it doesn't

Re: BIND-9.16.1 & KASP

Mark, On 4/13/20 8:54 PM, Evan Hunt wrote: > On Mon, Apr 13, 2020 at 02:22:53PM +0200, Mark Elkins wrote: >> Question - What are the "TYPE65534" records? What are they saying? I am >> using "DiG 9.16.1" so surprised it doesn't know. > > This is a mechanism named uses to keep track of the status

Re: BIND-9.16.1 & KASP

> On 14 Apr 2020, at 04:54, Evan Hunt wrote: > > On Mon, Apr 13, 2020 at 02:22:53PM +0200, Mark Elkins wrote: >> Question - What are the "TYPE65534" records? What are they saying? I am >> using "DiG 9.16.1" so surprised it doesn't know. > > This is a mechanism named uses to keep track of the

Re: BIND-9.16.1 & KASP

On Mon, Apr 13, 2020 at 02:22:53PM +0200, Mark Elkins wrote: > Question - What are the "TYPE65534" records? What are they saying? I am > using "DiG 9.16.1" so surprised it doesn't know. This is a mechanism named uses to keep track of the status of zone signing operations, so that if there's a

BIND-9.16.1 & KASP

Hi all, I have been experimenting with BIND-9.16.1 & KASP. So far - it really looks great and it should greatly simplify DNSSEC for the masses. My named.conf entry:- dnssec-policy "ecdsa256-policy" {     dnskey-ttl 3600;     keys {     ksk lifetime unlimited algo