What Mark said.
So that would become:
dnssec-policy "mydefault" {
keys {
csk key-directory lifetime unlimited algorithm ecdsa256;
};
};
options {
dnssec-policy "mydefault";
};
On 8/4/23 01:32, Mark Andrews wrote:
You can’t define a policy there. You can tell named to use t
Hello Andrew
Thank you for your feedback I am testing some tools including netdata from the
list suggested by the isc except that I want to know your feedback about the
tools you use especially to monitor latency.
Regards
De : Andrew Latham
Envoyé : jeudi 3 août 2023 16:14
À : RAHAL Sami SOFREC
Hello Borja
Thank you very much for this feedback, yes I confirm that monitoring the
latency time is not always obvious, please about this solution you are
currently using, there is a tutorial to try it? Thanks in advance.
Regards Sami
-Message d'origine-
De : Borja Marcos
Envoyé : ven
hi,
I have tried the DNSSEC sign testing according the document,
https://kb.isc.org/docs/bind-9-pkcs11
(and section 5.5 of the Bv9ARM of version 9.18.16)
I have two questions about it,
1. since I use HSM(now is softhsm) to store the DNSSEC key, does it more
insecure to convert the key(s) from HS
4 matches
Mail list logo
