Automated DNSSEC (command line)
Michelle Konzack
linux4michelle at tamay-dogan.net
Fri May 28 22:52:22 UTC 2010
Hello Michael,
Am 2010-05-28 14:40:30, hacktest Du folgendes herunter:
> Check out zkt (http://www.hznet.de/dns/zkt/).
>
> There are a few more involved tools out there, but zkt sounds like
> what you want.
OK...
> >Can an expert please check 'dig ANY tamay-dogan.net' whether this is
> >right?
> Looks good to me. The sigs seem to be within their validity
> interval, but there doesn't appear a DLV record in dlv.isc.org, so I
Right, it was setup for some hours in a experimet and is currently not
setup with DLV.
> can't validate. (Actually, I *could* snarf the ksk from the ANY
> query and manually configure it as a trust anchor, but I am lazy.
> Moreover, that won't tell us if something goes wrong if/when you
> publish a trust-anchor DLV record or DS record, when NET becomes
> signed.)
I have some problems with understanding "DNSSEC in 6 Minutes" from ISC.
> default in recent versions of BIND. You still need to configure a
> trust anchor (or anchors) if you want to do validation.
This is what i have not understand currently...
Thanks, Greetings and nice Day/Evening
Michelle Konzack
--
##################### Debian GNU/Linux Consultant ######################
Development of Intranet and Embedded Systems with Debian GNU/Linux
itsystems at tdnet France EURL itsystems at tdnet UG (limited liability)
Owner Michelle Konzack Owner Michelle Konzack
Apt. 917 (homeoffice)
50, rue de Soultz Kinzigstraße 17
67100 Strasbourg/France 77694 Kehl/Germany
Tel: +33-6-61925193 mobil Tel: +49-177-9351947 mobil
Tel: +33-9-52705884 fix
<http://www.itsystems.tamay-dogan.net/> <http://www.flexray4linux.org/>
<http://www.debian.tamay-dogan.net/> <http://www.can4linux.org/>
Jabber linux4michelle at jabber.ccc.de
ICQ #328449886
Linux-User #280138 with the Linux Counter, http://counter.li.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.pgp
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20100529/0b7f12ac/attachment.bin>
More information about the bind-users
mailing list