DNSSEC validation without current time

Petr Menšík pemensik at redhat.com
Fri Dec 15 13:23:19 UTC 2017

Dne 15.12.2017 v 13:06 G.W. Haywood via bind-users napsal(a):
> Hi there,
> On Fri, 15 Dec 2017, Petr Men??k wrote:
>> ... current time is not available or can be inaccurate.
> ntpdate?
Sure, of course. What would be default host after installation, that can
be used in default installation image without manual configuration? And
how does it resolve that name, when date of the system is 1970-1-1 or
something a only a bit more accurate?

Current pool.ntp.org adresses are unsigned now, so that would work
anyway. If I want spoof protection, what should I do?

Petr Menšík
Software Engineer
Red Hat, http://www.redhat.com/
email: pemensik at redhat.com  PGP: 65C6C973

More information about the bind-users mailing list