Hello bind users
> The answer is almost, as long as the zone has a DNSSEC policy configured:
>
> zone "newdomain.de" {
> type master;
> file "../master/newdomain.de";
> dnssec-policy default;
> }
>
> The only thing not yet fully automated is submitting the DS to the
> parent. You can do that as soon as named puts the CDS/CDNSKEY records in
> the zone.
So you're saying, that with a DNSSEC policy configured, bind is creating CDS
records for me? If so, then when my registrar is supporting those records
(switch.ch), this zone fully automated in regards of DNSSEC?
Is the creation of CDS Records a config option or on by default?
What about going from secure to insecure? Is this possible with dnssec policy
or do I then have to put the relevant CDS records in the zone by hand?
Best regards
Philippe
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
[email protected]
https://lists.isc.org/mailman/listinfo/bind-users
