disable dnssec for particular domain

Matus UHLAR - fantomas uhlar at fantomas.sk
Tue Feb 6 16:31:26 UTC 2018

>Am 2018-02-06 hackte Matus UHLAR - fantomas in die Tasten:
>> our customer uses a domain that is registered, but hidden
>> (doesn't exist in DNS).

On 06.02.18 18:24, Michelle Konzack wrote:
>I hope you know what are you doing, because the DNS MUST exist!
>Please read the general conditions for the EU Domain Registry!

if the domain gets delisted, it's their problem.
for now it exists in internal network.

>> The domain is used by multiple organizations and we are required to
>> forward
>> lookups for the domain to foreign internal servers.
>WHY register an .eu Domain at all?

don't ask me, it's the customer...

>> The problem is, that parent domain (.eu) indicates that the domain is to
>> be
>> signed and since default bind installation validates DNSSEC, lookups are
>> refused:
>Forget about this and use your own private TLD

what's the difference, when the domain doesn't exist?

is it because .eu is signed?

Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I intend to live forever - so far so good. 

More information about the bind-users mailing list