On 23. 05. 23 9:33, Gert Doering wrote:
Hi,
On Mon, May 22, 2023 at 09:18:11PM +0200, Julian Fölsch wrote:
This however had the side effect that child zones that are not signed were no
longer resolving
... this statement is not actually correct. Non-signed child zones are
perfectly fine *as
Hi,
On Mon, May 22, 2023 at 09:18:11PM +0200, Julian Fölsch wrote:
> This however had the side effect that child zones that are not signed were no
> longer resolving
... this statement is not actually correct. Non-signed child zones are
perfectly fine *as long* as there are no DS records for t
Op ma 22 mei , Joe Abley <[jab...@strandkip.nl](mailto:Op ma 22 mei , Joe
Abley < schreef:
> Op ma 22 mei , Julian Fölsch <[julian.foel...@agdsn.de](mailto:Op ma 22 mei
> , Julian Fölsch < schreef:
>
>> This however had the side effect that child zones that are not signed were no
>> longer res
Op ma 22 mei , Julian Fölsch <[julian.foel...@agdsn.de](mailto:Op ma 22 mei ,
Julian Fölsch < schreef:
> This however had the side effect that child zones that are not signed were no
> longer resolving so I thought "Lets just sign them. Can't be that hard,
> right?"
Verifiably-insecure delegati
Hi,
First of all: If you think, I should discuss this somewhere else, please tell
me. :)
During my quest to get my SSH client to use SSHFP records and not annoy me
with trust questions anymore, I fell into the rabbit hole that is DNSSEC.
Our domain already uses DNSSEC, so I only had to set up t
