Re: [BUG] dnssec-signzone silently drops DS records when '-g' is used - DNS
This is a discussion on Re: [BUG] dnssec-signzone silently drops DS records when '-g' is used - DNS ; In message , "=?UTF
-8?Q?Ond=C5=99ej_Sur=C3=BD?=" writes:
> Hi,
> I just found quite serious bug in dnssec-signzone :-(.
It's not a bug. It was a deliberate decision to only include
generate DS records when -g is specified. You manage the
...
-
Re: [BUG] dnssec-signzone silently drops DS records when '-g' is used
In message , "=?UTF
-8?Q?Ond=C5=99ej_Sur=C3=BD?=" writes:
> Hi,
> I just found quite serious bug in dnssec-signzone :-(.
It's not a bug. It was a deliberate decision to only include
generate DS records when -g is specified. You manage the
transition from secure to insecure by removing the keyset
of the child.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org
