On 12/04/2023 7:51 pm, Petr Špaček wrote:
There is a philosophical question whether this is something a DNS
server should do.
You make a very good point.
There are external tools which can automate zone scan, e.g.
https://github.com/CZ-NIC/fred-cdnskey-scanner
It hadn't occurred to me to
On 12. 04. 23 5:38, Nick Tait via bind-users wrote:
I'm currently running a few DNSSEC zones in BIND using dnssec-policy
option, albeit with an unlimited lifetime on the KSK, so that I can
control KSK roll-overs (which is necessary because my Registrar doesn't
support RFC 7344)...
Anyway I
Hi list.
I'm currently running a few DNSSEC zones in BIND using dnssec-policy
option, albeit with an unlimited lifetime on the KSK, so that I can
control KSK roll-overs (which is necessary because my Registrar doesn't
support RFC 7344)...
Anyway I know that BIND supports RFC 7344 via
3 matches
Mail list logo
