=countryday@lists.isc.org] On Behalf Of
Evan Hunt
Sent: Friday, November 11, 2011 12:48 PM
To: Adam Tkac
Cc: bind-users@lists.isc.org
Subject: Re: OT: Bind 9.9.0B1 Inline-Signing Question
I should mention that there is a known operational issue in the current
version of inline-signing that you should
On Fri, Nov 18, 2011 at 11:57:51PM +, Spain, Dr. Jeffry A. wrote:
I'd like to ask for clarification on the operational issue stated below.
Suppose there are no current changes to an inline-signed master zone,
i.e. myzone.db.signed timestamp is later than myzone.db timestamp. In
this
So the error being logged isn't really an error, it just looks like
one; we should probably see about silencing it.
The error is indeed confusing, maybe it should say not yet signed ?
11-Nov-2011 12:32:35.838 zone inline.aa/IN/internal (unsigned): loaded serial 2
11-Nov-2011 12:32:35.838 zone
I have just one question, what should inline-zone admin do? I assume
that named automatically regenerates removes expired RRSIGs so is it
sufficient to put new KSK and ZSK to the key-directory when needed and
revoke older ones? Thanks for your answer in advance.
Yes, it will keep RRSIGs
Do you see that each time named starts or just on the first load of the zone?
What happens if you send a query to the server with dig +dnssec?
On Nov 10, 2011, at 14:23, McConville, Kevin kmcconvi...@albany.edu wrote:
I know that this isn’t the forum for betas, which is why I put off-topic
I know that this isn't the forum for betas
Sure it is. :)
We have been testing with the alphas and now with the beta. What we are
seeing is that whenever named starts, it initially creates the signed
static zone file, but never really finishes.
What do you mean by never really finishes?
6 matches
Mail list logo
