I hope to roll out my DNS upgrade today, but without enabling DNSSEC;
that will take a bit longer.
One of my secondaries, though, does not support DNSSEC and it is the one
that gives me a bit of geographical diversity. So I am looking for
someplace that will accept my smallish domains.
Hi Robert..
You can try using my DNS project..
http://manage.dnssocial.com
http://www.dnssocial.com
http://manage.dnssocial.com/gdrive
Please click add slave server button. TQ
FYI we also already come out with appliance version.
If someone feels that they had never made a mistake in their
https://puck.nether.net/dns/login
--
Bryan S.G.
On 17 February 2013 20:40, Robert Moskowitz r...@htt-consult.com wrote:
I hope to roll out my DNS upgrade today, but without enabling DNSSEC; that
will take a bit longer.
One of my secondaries, though, does not support DNSSEC and it is the
From: Robert Moskowitz r...@htt-consult.com
One of my secondaries, though, does not support DNSSEC
How does a secondary authoritative DNS server fail to support DNSSEC?
It's not as if it would be doing any signature checking or automagic
(re)signing. Does it not tolerate the not at all new
On Sun, 17 Feb 2013, Vernon Schryver wrote:
In any case, some naming and shaming seems appropriate. Basic
Naming and shaming seems excessive for a free service.
Dave
--
David Forrest St. Louis, Missouri
___
Please visit
On 02/17/2013 09:57 AM, David Forrest wrote:
On Sun, 17 Feb 2013, Vernon Schryver wrote:
In any case, some naming and shaming seems appropriate. Basic
Naming and shaming seems excessive for a free service.
Just like I am FINALLY moving to DNSSEC, the fellow running the system I
have
On 02/17/2013 09:44 AM, Vernon Schryver wrote:
From: Robert Moskowitz r...@htt-consult.com
One of my secondaries, though, does not support DNSSEC
How does a secondary authoritative DNS server fail to support DNSSEC?
It's not as if it would be doing any signature checking or automagic
From: David Forrest d...@maplepark.com
In any case, some naming and shaming seems appropriate. Basic
Naming and shaming seems excessive for a free service.
Services that do not charge users money are often not really free.
That this case might cost security instead of eyeballs should not
On 02/17/2013 11:48 AM, Vernon Schryver wrote:
From: David Forrest d...@maplepark.com
In any case, some naming and shaming seems appropriate. Basic
Naming and shaming seems excessive for a free service.
Services that do not charge users money are often not really free.
This is my concern
On 02/17/2013 12:11 PM, Vernon Schryver wrote:
From: Robert Moskowitz r...@htt-consult.com
The Redhat docs on bind had a warning about not implementing features,
like DNSSEC if your secondaries doesn't support it. That is all I am
going on. I think I also saw it in some isc.org doc.
In your
Vernon Schryver v...@rhyolite.com wrote:
How does a secondary authoritative DNS server fail to support DNSSEC?
A security-aware authoritative server has to support:
* EDNS0 and DO
* RRSIG records alongside the RRsets they cover in responses
* Special logic for DS in parent zones
* NSEC or
Robert Moskowitz r...@htt-consult.com wrote:
One of my secondaries, though, does not support DNSSEC and it is the one that
gives me a bit of geographical diversity. So I am looking for someplace that
will accept my smallish domains.
Have a look at https://web.gratisdns.dk - Danish only, but
I have used Gratisdns.dk for years with no issue. I you buy the domains
through them, they will even remind you in good time to renew ;-)
And you can't beat the price for DNS - I have never been bothered with
advertisements from them.
On 17/02/13 19:10, Tony Finch wrote:
Robert Moskowitz
In message alpine.lsu.2.00.1302171800460@hermes-1.csi.cam.ac.uk, Tony Fin
ch writes:
Vernon Schryver v...@rhyolite.com wrote:
How does a secondary authoritative DNS server fail to support DNSSEC?
A security-aware authoritative server has to support:
* EDNS0 and DO
* RRSIG records
14 matches
Mail list logo
