Mark Elkins wrote:
>
> On my side, I can 'import' the KSK from the properly signed zone,
> Generate the DS record and EPP it up to the Registry. That all works
> fine, currently with the push of one (web) button. Will change/add this
> to something RESTful. Then, for full automation (KSK Rollover'
On 14/09/2017 16:55, Tony Finch wrote:
> Mark Elkins wrote:
>
>> With BIND version 9.12 coming out - I'm wondering if I've missed any
>> announcements on some form of Automatic (DNS)Key Management?
>> Something that will create and retire keys according to some sort of policy.
> See dnssec-keymg
Mark Elkins wrote:
> With BIND version 9.12 coming out - I'm wondering if I've missed any
> announcements on some form of Automatic (DNS)Key Management?
> Something that will create and retire keys according to some sort of policy.
See dnssec-keymgr (new in 9.11) which will automate ZSK managem
With BIND version 9.12 coming out - I'm wondering if I've missed any
announcements on some form of Automatic (DNS)Key Management?
Something that will create and retire keys according to some sort of policy.
Does anyone have nice and up-to-date cheat sheets of the easiest way to
do DNSSEC with BIN
4 matches
Mail list logo
