On Thu, 2010-07-15 at 10:18 +, Kebba Foon wrote:
i did i set my recursive-clients to 1 but it does not help.
On Thu, 2010-07-15 at 20:21 +1000, Noel Butler wrote:
UDP
What version of Bind are you running and under which platform?
___
Hi,
satoshi takano píše v pá 16. 07. 2010 v 12:02 +0900:
Hi,
Just upgrade to 9.7.1-P1 on Solaris.
There are free packages ready to run at Blastwave.org
Or use supported Bind bundled with Solaris, the patch set delivers
9.6.x.
thanks.
I want to use bind 9.4.x, beacause I don't
Greetings, everyone.
Now that the signed root is finally in production, how do I initialize BIND's
RFC5011 key management from the XML file published by IANA?
I downloaded the files and checked the PGP signature:
http://data.iana.org/root-anchors/root-anchors.xml
From: Hauke Lampe la...@hauke-lampe.de
http://data.iana.org/root-anchors/root-anchors.xml
http://data.iana.org/root-anchors/root-anchors.asc
The XML file contains a DS hash of the root KSK, but BIND needs a public key
in the managed-keys clause.
Are there any tools to retrieve the
Hi,
It's probably just my lack of knowledge, but there seems to be a missing
RRSIG in the root zone.
I try to securely resolve example.net. I obviously get a delegation
returned (dig output below), but I can't seem to validate that
delegation. The delegation itself (and a direct request for
On Fri, Jul 16, 2010 at 06:16:13PM +0900,
Kazunori Fujiwara fujiw...@wide.ad.jp wrote
a message of 25 lines which said:
You can check root DNSKEY RR and root-anchors.xml
using dig and dnssec-dsfromkey.
Good idea and here is a Makefile and a XSLT script which automates the
whole thing. Bug
On 7/16/2010 6:25 AM, Niobos wrote:
It's probably just my lack of knowledge, but there seems to be a missing
RRSIG in the root zone.
I try to securely resolve example.net. I obviously get a delegation
returned (dig output below), but I can't seem to validate that
delegation. The delegation
On 7/16/2010 6:36 AM, Alan Clegg wrote:
On 7/16/2010 6:25 AM, Niobos wrote:
It's probably just my lack of knowledge, but there seems to be a missing
RRSIG in the root zone.
I try to securely resolve example.net. I obviously get a delegation
returned (dig output below), but I can't seem to
On 2010-07-16 12:36, Alan Clegg wrote:
.net isn't signed, and you don't sign out-of-zone data (glue and
delegation NS records).
But org. is signed, and gives the same result.
But anyway, it basically boils down to:
On 7/16/2010 6:25 AM, Niobos wrote:
It's probably just my lack of knowledge
On 7/16/2010 7:42 AM, Niobos wrote:
On 2010-07-16 12:36, Alan Clegg wrote:
.net isn't signed, and you don't sign out-of-zone data (glue and
delegation NS records).
But org. is signed, and gives the same result.
.org does not have a DS record in the root yet. This is an example of a
broken
That makes it clear for me; thank you very much!
As an unrelated side-note: does anyone know when org.'s DS will be
included in the root zone?
Niobos
On 2010-07-16 14:08, Alan Clegg wrote:
Trying to enhance that: Am I correct to state that it's not possible to
validate a delegation NS RRset?
As a once off I did the following last night. (yes I know the DNSKEY would
have been fine too). anchors2keys worked fine so long as the format was
correct so...
I just cut and pasted the content of :
https://data.iana.org/root-anchors/root-anchors.xml
Zone to delegation, algorithm, digest type
On Jul 16, 2010, at 1:43 PM, Stephane Bortzmeyer wrote:
On Fri, Jul 16, 2010 at 03:00:11PM +0200,
Kalman Feher kalman.fe...@melbourneit.com.au wrote
a message of 85 lines which said:
anchors2keys worked fine so long as the format was correct so...
I didn't know this tool. Where can we
On 7/7/2010 12:57 PM, Kalman Feher wrote:
If you really do have such a small pipe (with your email address I assume
Sweden. I didn't think Swedes even knew there were link types other than
fibre ;) )then perhaps you're throttling it to the point where your NTP sync
drops off.
NTP hat
That
14 matches
Mail list logo