>
>If the zone isn't signed, it shouldn't be trying to validate it as there's
>nothing to validate. Unless this fictional TLD now has a real delegated
>counter-part?
>
>Stuart
Just for clarification:
If a TLD does not exist, it can neither be signed nor unsigned.
And, officially, the mentioned
>> Our customer uses a fictional Toplevel Domain[...]
>
> Can you flip the problem on its head, by signing the fictional TLD and
> deploying managed-keys (or trusted-keys) on the validating resolvers?
>
> Graham
Unfortunately we can't sign the fictional TLD, since we are neither master nor
slave
2 matches
Mail list logo
