On 1/19/20 4:01 AM, N. Max Pierson wrote:
I honestly couldn’t tell you either way as I have not even begun to start to dive into DNSSEC.
I can recommend the following book from Michael W. Lucas / @mwlauthor and say that it provides a good, actionable, introduction to DNSSEC.
Link - DNSSEC Mastery: Securing the Domain Name Service with BIND (ebook)- https://www.tiltedwindmillpress.com/product/dnssec-mastery-securing-the-domain-name-service-with-bind-ebook/
Disclaimer: I'm not associated with Michael. We do pester each other on Twitter. I have tech reviewed some of his other book.
I've found all of his Mastery books to be packed with actionable information and well worth the price (< $20).
I prefer to buy the books directly from Michael's site, Tilted Windmill Press, to avoid the overhead & fees with thee other typical outlets.
Word to the wise: Be mindful of the recent SHA1 chosen prefix attacks when starting with DNSSEC. This mostly means that you just choose other, newer, algorithms to use when deploying DNSSEC.
-- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
