In message <20130820221524.ga24...@iano.org>, Maria writes: > My company uses a private tld. We are working on fixing that but the fix is > going to take a while, especially if our sol > ution ends up being trying to register it with icann. > > Our resolvers that all internet queries go through have a forward zone > statement for that tld to some internal name serv > ers. Unfortunately, when I turn on dnssec validation our resolvers go check > out the root zone, see our private zone does > n't exist, and refuse to resolve records in the zone. Is there a solution I > can put in place so we can do dnssec validat > ion in the meantime while we work on ceasing to use the private tld? > > Thanks, > Maria
Sign the internal tld and add a trusted-key statement to the resolvers for your internal tld. > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
