I assume that you are asking about providing authoritative DNS for example.com.
Should you deploy DNSSEC? Yes, if you want your query responses to be validated by DNSSEC resolvers.
Does this have anything to do with the DNSSEC signing of the root domain? No, not really. Unless your TLD's name servers will also be signed and your domain registrar will support loading your key(s) into your TLD's name servers, then you will still need to use DLV (regardless of whether the root is signed or not).
In other words "in the absence of a fully signed path from root to a zone" you will need DLV to use DNSSEC" Quote from: https://dlv.isc.org/
-DM On 4/30/2010 8:57 PM, Jeff Pang wrote:
Hello, Since the global root DNS servers have deployed dnssec, as a hostmaster for the common domain like example.com, should we also deploy dnssec with named? Thanks. Regards. _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
