On Wed Nov 30 2011 at 20:45:30 CET, Michael Graff wrote:
For my VM environment, I bought a USB random source, and share it
across the VMs with a little daemon I wrote.
Would you be willing to give us a few more details, such as the name of
the USB random source generator (is it an Entropy
Jan-Piet Mens wrote:
- Original message -
Would you be willing to give us a few more details, such as the name of
the USB random source generator (is it an Entropy Key) ?
Of course
, if you do tell us what hardware you're using, the next thing
will be we'll want a copy of your
I'm using an Araneus Alea I, from http://www.araneus.fi/products-alea-eng.html.
I'm sure others would work as well. I know the creator of this device
personally though, so it's the one sticking out of the back of the box I own.
:)
As for the daemon, well, I may have to find the time to
Hopefully this is a duh moment that I'm having. I am testing out what happens
when you have set the ZSK inactive and delete times and then try to sign the
zone via a rndc reload zonename command (using static zone file with inline
signing).
We have 3 keys as listed below:
KSK - 63406
ZSK -
On Dec 1 2011, McConville, Kevin wrote:
Hopefully this is a duh moment that I'm having. I am testing out what
happens when you have set the ZSK inactive and delete times and then try
to sign the zone via a rndc reload zonename command (using static zone
file with inline signing).
We have 3
On Thu, 1 Dec 2011, Chris Thompson wrote:
I think that because you have told it to inactivate and indeed delete both
ZSKs, in desperation it has signed the whole zone with the the only remaining
key, even though it has the SEP bit set.
The SEP bit does not mean do not sign zone data. It means
On Thu, 1 Dec 2011, Michael Graff wrote:
I'm using an Araneus Alea I, from http://www.araneus.fi/products-alea-eng.html.
I'm sure others would work as well. I know the creator of this device
personally though, so it's the one sticking out of the back of the box I own.
:)
At 150 EURO,
With the pending release of BIND 9.9.0, and the beta testing my company is
currently doing, we've realized we need a good way to detect zone file type and
convert it.
Is there any simple way to look at a file and quickly determine whether or not
it's a BIND raw format zonefile, as opposed to a
Yeah, a number of motherboards now come with TPMs that include hardware RNGs...
My current personal server (Dell R710) has just such a beastie -- there is some
info here: http://domsch.com/blog/?p=107 and I *think* that the rng-tools
package now supports it natively
I spent *many* hours
I've looked at a few of them, and I noticed that all the ones I've seen
start with the four-octet string 00 00 00 02. Is that sufficient?
I'd recommend checking the next four octets as well; they'll be 00 00 00 00
or 00 00 00 01. The first of those is the format that's always been used
up to
On Thu, 1 Dec 2011, Warren Kumari wrote:
Yeah, a number of motherboards now come with TPMs that include hardware RNGs...
My current personal server (Dell R710) has just such a beastie -- there is some
info here: http://domsch.com/blog/?p=107 and I *think* that the rng-tools
package now
i'm seeing unexpected behavior that seems to be related to using dnssec and
having a view defined for the chaos class.
named complains:
01-Dec-2011 22:47:34.712 general: info: managed-keys-zone ./IN/default: loaded
serial 11
01-Dec-2011 22:47:34.712 general: error: managed-keys-zone
12 matches
Mail list logo