the SPNs involved have
to be aliases of each other, it seems.
--
Magnus Holmgren
MILLNET AB
--
Vid e-postkontakt med Millnet är det normalt att åtminstone vissa
personuppgifter sparas om dig. Du kan läsa mer om vilka uppgifter som
sparas och hur vi hanterar dem på https://www.millnet.se
ete. Still,
shouldn't BIND have been able to figure this out on its own? It kept using
NSEC because of the incompatible key, and it kept the incompatible key needed
to verify the NSEC records. Catch-22? (Yes, I've read about the questionable
merits of NSEC3.)
--
Magnus Holmgren, utvecklare
onsdag 10 augusti 2022 kl. 11:21:11 CEST skrev Matthijs Mekking:
> On 10-08-2022 11:13, Magnus Holmgren wrote:
> > One question: Is it
> > necessary to use rndc dnssec -checkds or is that only meant as a backup,
> > and named is supposed to query the parent for DS
onsdag 10 augusti 2022 kl. 11:21:11 CEST skrev Matthijs Mekking:
> The subject of the mail seems to indicate a different problem than the
> body, or am I missing something?
Thanks for the reply. I probably should have changed the subject after I
solved the problem midway.
--
Magnus Ho
torsdag 11 augusti 2022 kl. 17:47:40 CEST skrev Matthijs Mekking:
> Magnus,
>
> On 11-08-2022 11:26, Magnus Holmgren wrote:
> > onsdag 10 augusti 2022 kl. 11:21:11 CEST skrev Matthijs Mekking:
> >> On 10-08-2022 11:13, Magnus Holmgren wrote:
> >>> One questio
until the old keys had been removed, and I didn't
immediately connect the two warnings together.
> So here is a merge request that you can try out, or you can wait until
> this makes a 9.18 release:
>
> https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/6647
Thanks. I'll see
6 matches
Mail list logo
