I have three questions regarding dnssec-signzone:
To clarify things, I'm using BIND 9.7.2-P2.
First is about input file: you can specify on the command line either the
signed version of the zone, or the unsigned one.
What I'd like to do hovever, is to use both.
The unsigned zone is much more
On Tue, 1 Feb 2011, Torinthiel wrote:
To clarify things, I'm using BIND 9.7.2-P2.
First is about input file: you can specify on the command line either the
signed version of the zone, or the unsigned one.
What I'd like to do hovever, is to use both.
The unsigned zone is much more readable,
On Tue, 1 Feb 2011, Torinthiel wrote:
Third is about -N option:
a well established practice (although I don't know what was the origin) is
to set SOA serial number to eg 2011020101, which is current day and
two-digit of daily version. This has benefit of being almost as good as
putting unixtime
3 matches
Mail list logo
