In message <4b7af7f5.3030...@xyonet.com>, Curtis Maurand writes:
>
> I haven't run BIND in a number of years.
There are a number of vendors that support DNSSEC on both the server
side and on the client side. Check with your vendor about what they
support.
Mark
--
Mark Andrews, ISC
1 Seymour
I haven't run BIND in a number of years.
--Curtis
On 2/15/2010 2:06 PM, Charles N Wyble wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Tony Finch wrote:
On Mon, 15 Feb 2010, Charles N Wyble wrote:
How are folks verifying DNSSEC readiness of their environments? Any
exi
In message <4b7a502f.8000...@knownelement.com>, Charles N Wyble writes:
> > Repeat for IPv6.
> >
> > dig -6 ns . +norec @l.root-servers.net
> > dig -6 ns . +dnssec +cd +norec @l.root-servers.net
> > dig -6 any . +dnssec +cd +norec @l.root-servers.net
> > dig -6 any . +dnssec +cd +norec @l.root-se
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mark Andrews wrote:
> In message <4b798f1e.6080...@knownelement.com>, Charles N Wyble writes:
>> All,
>>
>> How are folks verifying DNSSEC readiness of their environments? Any
>> existing testing methodologies
In message <4b798f1e.6080...@knownelement.com>, Charles N Wyble writes:
> All,
>
> How are folks verifying DNSSEC readiness of their environments? Any
> existing testing methodologies / resources that folks are using?
>
> It seems like this is something that will b
FWIW - .se did some consumer research during their
> DNSSec launch. I belive there will be a new study.
>
> Tests of Consumer Broadband Routers in Sweden (DNSSEC)
> in 2008:
> http://www.iis.se/docs/Routertester_en.pdf
Seriously, who puts recursive DNS resolvers behind consumer broadband
routers?
Charles N Wyble wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
All,
How are folks verifying DNSSEC readiness of their environments? Any
existing testing methodologies / resources that folks are using?
It seems like this is something that will become a front and center
issue for help
* Charles N. Wyble:
> However they will certainly start complaining when DNS stops working. Of
> course they won't know that's what the issue is, but they will call
> saying the internet is down.
Okay, then the first way I mentioned for checking should be
sufficient. Well, perhaps make it
dig
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Florian Weimer wrote:
> * Charles N. Wyble:
>
>
>> It seems like this is something that will become a front and center
>> issue for help desks everywhere pretty quick. :)
>
> Why do you think so? Would you even notice if your webmail provider
> swi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Tony Finch wrote:
> On Mon, 15 Feb 2010, Charles N Wyble wrote:
>> How are folks verifying DNSSEC readiness of their environments? Any
>> existing testing methodologies / resources that folks are using?
>
> Here's my summary
* Charles N. Wyble:
> How are folks verifying DNSSEC readiness of their environments? Any
> existing testing methodologies / resources that folks are using?
For now, running (with a real resolver address instead of 192.0.2.1)
dig @192.0.2.1 $RANDOM. +dnssec
and checking if a c
On Mon, 15 Feb 2010, Charles N Wyble wrote:
>
> How are folks verifying DNSSEC readiness of their environments? Any
> existing testing methodologies / resources that folks are using?
Here's my summary of the situation (as of a couple of months ago) with
links to a few key r
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
All,
How are folks verifying DNSSEC readiness of their environments? Any
existing testing methodologies / resources that folks are using?
It seems like this is something that will become a front and center
issue for help desks everywhere pretty
13 matches
Mail list logo
