DNSSEC validation without current time
Petr Menšík
pemensik at redhat.com
Fri Dec 15 13:23:19 UTC 2017
Dne 15.12.2017 v 13:06 G.W. Haywood via bind-users napsal(a):
> Hi there,
>
> On Fri, 15 Dec 2017, Petr Men??k wrote:
>
>> ... current time is not available or can be inaccurate.
>
> ntpdate?
>
Sure, of course. What would be default host after installation, that can
be used in default installation image without manual configuration? And
how does it resolve that name, when date of the system is 1970-1-1 or
something a only a bit more accurate?
Current pool.ntp.org adresses are unsigned now, so that would work
anyway. If I want spoof protection, what should I do?
--
Petr Menšík
Software Engineer
Red Hat, http://www.redhat.com/
email: pemensik at redhat.com PGP: 65C6C973
More information about the bind-users
mailing list