child KEY RRs in parent zone

Roy Arends roy at nlnetlabs.nl
Wed Mar 22 18:49:30 UTC 2000


Hello,

RFC 2535, 6.3, states that a KEY RR record of a secured zone may be
present in the parent zone. If A parent decides not to include the childs
KEY RR in its zone, how can V8/V9 (dns)signer be instructed to sign the
childs key (without the key being included in the zone). I think it
cannot. If that's the case then ehhhh, well ehhhh, what then ?

Might this (child key not mandatory for parent zone) be the reason that
the -p (p1,po,ps,no-p1,no-ps) are not in signer V9, or is it just a beta
issue ? 

Okidook, thanks allready

Roy

The early bird who catches the worm works for someone who comes in late
and owns the worm farm.
		-- Travis McGee
-- 
roy at nlnetlabs.nl                NLnetLabs
tel +31208884551                Kruislaan 419
|\ ||   _  _|_  |   _ |_  _     1098 VA  Amsterdam
| \||__| )(-|_  |__(_||_)_)     The Netherlands







More information about the bind-users mailing list