via
bind-users
Sent: Thursday, 18 July 2019 10:22 PM
To: m...@posix.co.za; bind-users@lists.isc.org
Subject: Re: DNSSEC validation via DLV
Not a difficult process really..
-Configure a DNSSEC enabled name server
-Create a some zone keys (dnssec-keygen) -Sign your zone (dnssec-signzone)
-Update
On 19/07/2019 9:27 am, p...@vspace.co.za wrote:
>
> Problem being, no options exist as to export the DS record of co.za, com.au
> or net.au domains to the respective registrars, being namecheap.com and
> axxess.co.za.
>
Change registry right ?
Crazy domains supports them for the ".com.au"
validation via DLV
Not a difficult process really..
-Configure a DNSSEC enabled name server
-Create a some zone keys (dnssec-keygen) -Sign your zone (dnssec-signzone)
-Update your nameserver configuration to point to the signed zone file -Export
your DS records (dsset) to the domain registration
Not a difficult process really..
-Configure a DNSSEC enabled name server
-Create a some zone keys (dnssec-keygen)
-Sign your zone (dnssec-signzone)
-Update your nameserver configuration to point to the signed zone file
-Export your DS records (dsset) to the domain registration company (EPP).
I can't comment on com.au (but looking up the Nameservers, I see the AD
bit set - so DNSSEC appears to be in use..
However, co.za (and net.oza, org.za & web.za) which are managed by the
ZACR (and DNS) - they are all signed and I personally have domains under
these second levels - all running
With DLV (DNSSEC Lookaside Validation) having been decommissioned, though
zones still exists that does not provide a fully signed path from root to
zone, i.e. .com.au , co.za etc, how would an administrator enable /
implement DNSSEC validation for these zones ?
6 matches
Mail list logo
