On Mon, Oct 03, 2011 at 05:32:18PM -0700, Paul B. Henson <hen...@acm.org> wrote a message of 59 lines which said:
> Our zone data is maintained in a revision control repository; when > changes are made there is a process that generates a bind format > zone file from the data, checks it for syntax errors, compiles, and > then signs it, at the end reloading the zone into bind with rndc. Experience of DNSSEC deployment (see my paper at SATIN <http://conferences.npl.co.uk/satin/papers/satin2011-Bortzmeyer.pdf>) shows that custom programs have many timing bugs. Many things can go wrong Why not using an existing program such as OpenDNSSEC ? _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users