David Miller dmiller at tiggee.com
Sat May 1 01:38:22 UTC 2010

I assume that you are asking about providing authoritative DNS for 

Should you deploy DNSSEC?  Yes, if you want your query responses to be 
validated by DNSSEC resolvers.

Does this have anything to do with the DNSSEC signing of the root 
domain?  No, not really.  Unless your TLD's name servers will also be 
signed and your domain registrar will support loading your key(s) into 
your TLD's name servers, then you will still need to use DLV (regardless 
of whether the root is signed or not).

In other words "in the absence of a fully signed path from root to a 
zone" you will need DLV to use DNSSEC"  Quote from: https://dlv.isc.org/


On 4/30/2010 8:57 PM, Jeff Pang wrote:
> Hello,
> Since the global root DNS servers have deployed dnssec, as a
> hostmaster for the common domain like example.com, should we also
> deploy dnssec with named? Thanks.
> Regards.
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

More information about the bind-users mailing list