In bind 9.16.23 dnssec-enable is deprecated and my server is only cache
server which forwards all requests; It is not authoritative for any zones.
Dnssec is used to sign dns requests of my domain or all dns requests which
server makes?
0. dnssec-enable no
default is to enable dnssec, but I want to disable I can make it ?
1. dnssec-validation no
Can I delete this entry if I wnat to disable dnssec ?
2. bindkeys-file "/etc/named.iscdlv.key"
Can I delete this entry ? Eventually Bind would use built-in keys
3. managed-keys-directory "/var/named/dynamic"
see above, I can delete this entry because I'm not interesting to dnssec
4. session-keyfile "/run/named/session.key"
I can leave it ?
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
