On 7/7/2010 12:57 PM, Kalman Feher wrote:
>
> If you really do have such a small pipe (with your email address I assume
> Sweden. I didn't think Swedes even knew there were link types other than
> fibre ;) )then perhaps you're throttling it to the point where your NTP sync
> drops off.
That is
On Jul 16, 2010, at 1:43 PM, Stephane Bortzmeyer wrote:
> On Fri, Jul 16, 2010 at 03:00:11PM +0200,
> Kalman Feher wrote
> a message of 85 lines which said:
>
>> anchors2keys worked fine so long as the format was correct so...
>
> I didn't know this tool. Where can we find it? Google does not
On Fri, Jul 16, 2010 at 03:00:11PM +0200,
Kalman Feher wrote
a message of 85 lines which said:
> anchors2keys worked fine so long as the format was correct so...
I didn't know this tool. Where can we find it? Google does not know.
___
bind-users ma
As a once off I did the following last night. (yes I know the DNSKEY would
have been fine too). anchors2keys worked fine so long as the format was
correct so...
I just cut and pasted the content of :
https://data.iana.org/root-anchors/root-anchors.xml
Zone to delegation, algorithm, digest type and
With the signing of the root and all of the related activities, I
thought I'd take this opportunity to let you know that I'll be giving a
presentation at OSCON (O'Reilly's Open Source Convention) next week in
Portland.
http://www.oscon.com/oscon2010/public/schedule/detail/14112
I'm not sure wh
What does the following command show:
rndc status
- Original Message
From: Kebba Foon
To: Noel Butler
Cc: bind-users@lists.isc.org
Sent: Fri, July 16, 2010 4:41:50 AM
Subject: Re: recursing stop at about 1000 clients
am running 9.6-ESV-R1 on Debian 5.0 lenny
On Fri, 2010-07-16
That makes it clear for me; thank you very much!
As an unrelated side-note: does anyone know when org.'s DS will be
included in the root zone?
Niobos
On 2010-07-16 14:08, Alan Clegg wrote:
>> Trying to enhance that: Am I correct to state that it's not possible to
>> validate a delegation NS RRse
On 7/16/2010 7:42 AM, Niobos wrote:
> On 2010-07-16 12:36, Alan Clegg wrote:
>> .net isn't signed, and you don't sign "out-of-zone" data (glue and
>> delegation NS records).
>
> But org. is signed, and gives the same result.
.org does not have a DS record in the root yet. This is an example of a
On 2010-07-16 12:36, Alan Clegg wrote:
> .net isn't signed, and you don't sign "out-of-zone" data (glue and
> delegation NS records).
But org. is signed, and gives the same result.
But anyway, it basically boils down to:
> On 7/16/2010 6:25 AM, Niobos wrote:
>> It's probably just my lack of know
Am Fri, 16 Jul 2010 12:25:44 +0200
schrieb Niobos :
> Hi,
>
> It's probably just my lack of knowledge, but there seems to be a
> missing RRSIG in the root zone.
>
> I try to securely resolve example.net. I obviously get a delegation
> returned (dig output below), but I can't seem to validate tha
On 7/16/2010 6:36 AM, Alan Clegg wrote:
> On 7/16/2010 6:25 AM, Niobos wrote:
>
>> It's probably just my lack of knowledge, but there seems to be a missing
>> RRSIG in the root zone.
>>
>> I try to securely resolve example.net. I obviously get a delegation
>> returned (dig output below), but I can
On 7/16/2010 6:25 AM, Niobos wrote:
> It's probably just my lack of knowledge, but there seems to be a missing
> RRSIG in the root zone.
>
> I try to securely resolve example.net. I obviously get a delegation
> returned (dig output below), but I can't seem to validate that
> delegation. The deleg
On Fri, Jul 16, 2010 at 06:16:13PM +0900,
Kazunori Fujiwara wrote
a message of 25 lines which said:
> You can check root DNSKEY RR and root-anchors.xml
> using dig and dnssec-dsfromkey.
Good idea and here is a Makefile and a XSLT script which automates the
whole thing. Bug reports welcome.
K
Hi,
It's probably just my lack of knowledge, but there seems to be a missing
RRSIG in the root zone.
I try to securely resolve example.net. I obviously get a delegation
returned (dig output below), but I can't seem to validate that
delegation. The delegation itself (and a direct request for net./
> From: Hauke Lampe
> http://data.iana.org/root-anchors/root-anchors.xml
> http://data.iana.org/root-anchors/root-anchors.asc
>
> The XML file contains a DS hash of the root KSK, but BIND needs a public key
> in the managed-keys clause.
>
> Are there any tools to retrieve the DNSKEY and validat
Greetings, everyone.
Now that the signed root is finally in production, how do I initialize BIND's
RFC5011 key management from the XML file published by IANA?
I downloaded the files and checked the PGP signature:
http://data.iana.org/root-anchors/root-anchors.xml
http://data.iana.org/root-anch
am running 9.6-ESV-R1 on Debian 5.0 lenny
On Fri, 2010-07-16 at 16:55 +1000, Noel Butler wrote:
> On Thu, 2010-07-15 at 10:18 +, Kebba Foon wrote:
> > i did i set my recursive-clients to 1 but it does not help.
> >
> > On Thu, 2010-07-15 at 20:21 +1000, Noel Butler wrote:
> > > UDP
> >
Hi,
satoshi takano píše v pá 16. 07. 2010 v 12:02 +0900:
> Hi,
>
> >>> Just upgrade to 9.7.1-P1 on Solaris.
> >>> There are free packages ready to run at Blastwave.org
> >>>
> >>
> >> Or use supported Bind bundled with Solaris, the patch set delivers
> >> 9.6.x.
>
> thanks.
>
> I want to use bi
18 matches
Mail list logo
