In message <[email protected]>, =?ISO
-8859-1?Q?Eduardo_J=FAnior?= writes:
> Hi,
>
>
> I want test dnssec in the closed environment and controled to get some
> information.
>
> it's possible configure dnssec only between 2 name servers, first is
> the authoritative and second is the recurisve? The authoritative name
> server would have zones signed and the recursive will do querys and
> validation.
Yes.
> It's enough put in my named.conf of the recursive name server the
> public key (trusted keys) of a zone signed in authoritative name
> server? And using dig (properly compiled and configured) makes
> requests to recursive and validation occurs correctly?
>
> Any reference?
Just do it. This is a basic island of trust setup.
> Thanks in advance,
>
> -- =
>
> Eduardo J=FAnior
> GNU/Linux user #423272
>
> :wq
> _______________________________________________
> bind-users mailing list
> [email protected]
> https://lists.isc.org/mailman/listinfo/bind-users
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: [email protected]
_______________________________________________
bind-users mailing list
[email protected]
https://lists.isc.org/mailman/listinfo/bind-users
