On Fri, Jun 4, 2010 at 9:10 AM, Evan Hunt wrote:
> The way it's supposed to work is: you add the new NSEC3PARAM record,
> then wait for the new NSEC3 chain to be built. The newly inserted record
> will, at first, have its "flags" field set to a nonzero value; this
> indicates that the chain isn'
> The first one, can I configure multiple key directories? The reasoning
> for this is that I would like to seperate the KSK's from the ZSK's.
No, you can't... but that's an interesting idea. Right now it's a single
key directory per zone.
> The second question. I've tried doing a resalt using d
On Fri, Jun 4, 2010 at 3:11 AM, Tim Verhoeven wrote:
>
> The second question. I've tried doing a resalt using dynamic updates
> but I can't get it to work. Just adding a new NSEC3PARAM RR crashes
> Bind and doing a delete and then a add (to replace the present RR)
> gives me a servfail but I see t
On Fri, Jun 4, 2010 at 1:18 PM, Phil Mayers wrote:
> On 04/06/10 11:11, Tim Verhoeven wrote:
>>
>> I'm currently testing the automatic signing for DNSSEC present in Bind
>> 9.7. I'm currently using Bind 9.7.0 and I have 2 questions.
>>
>> The first one, can I configure multiple key directories? Th
On 04/06/10 11:11, Tim Verhoeven wrote:
Hi,
I'm currently testing the automatic signing for DNSSEC present in Bind
9.7. I'm currently using Bind 9.7.0 and I have 2 questions.
The first one, can I configure multiple key directories? The reasoning
for this is that I would like to seperate the KSK
Hi,
I'm currently testing the automatic signing for DNSSEC present in Bind
9.7. I'm currently using Bind 9.7.0 and I have 2 questions.
The first one, can I configure multiple key directories? The reasoning
for this is that I would like to seperate the KSK's from the ZSK's.
And this to be able to
6 matches
Mail list logo
