Singing a RRSET
alan at clegg.com
Fri Mar 14 22:02:08 UTC 2014
On 3/14/14, 12:15 PM, Sergio Ramirez wrote:
> We need to sign a RRSET individually out of the zone file.
> The utilities dnssec-signzone and similars from other packages
> check the zone before signing (SOA RR, DNSKEY RR, etc).
> Before to do a piece of programa to do this, we wanted to know if
> there is any tool to sign just a RRSET ?
Create it in a valid zone file, sign it, then "dig" it out?
You can't sign without keys, SOA can be standard, this is _probably_
much easier to script than creating code.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 600 bytes
Desc: OpenPGP digital signature
More information about the bind-users