RE: DNSSEC Signing Key Questions

2011-10-05 Thread Marc Lampo
Kind regards,
Marc Lampo
Security Officer
EURid

From: McConville, Kevin [mailto:kmcconvi...@albany.edu]
Sent: 04 October 2011 09:10 PM
To: bind-users@lists.isc.org
Subject: DNSSEC Signing Key Questions

I’m new to this list, so please bear with me if these are/seem like “newbie” questions

DNSSEC Signing Key Questions

2011-10-04 Thread McConville, Kevin
I'm new to this list, so please bear with me if these are/seem like newbie questions. We are currently evaluating a DNSSEC implementation. We have several static zones that we would like to implement first. We are currently using ISC Bind 9.7.4 - In the test environment (1) Authoritative dns

Re: DNSSEC Signing Key Questions

2011-10-04 Thread Tony Finch
McConville, Kevin kmcconvi...@albany.edu wrote:
> 1) Is there any way to have the zsk be auto-generated based upon the inactive date listed in the zsk meta-data?

Not yet, though I believe this feature is on the wish list.

> 2) With a static zone, are the update-policy local and auto-dnssec

Re: DNSSEC Signing Key Questions

2011-10-04 Thread Mark Elkins
Played with OpenDNSSEC - and was a bit disappointed. Actually flew to Sweden and attended the course. It works - but acts like a black box - you don't have any finger-poking ability when things go wrong (for fun - we deleted a key out of the HSM - bad idea!) I don't like having to run everything