DNSSEC -> subdomains -> keys

Chuck Aurora ca at nodns4.us
Sat Dec 7 17:35:50 UTC 2019

On 2019-12-07 08:24, Elimar Riesebieter wrote:
> is it possible to have one key pair for DNSSEC to sign subdomains in
> different zonefiles?

IIUC how it works, the generation of a key pair includes the zone name,
so no, I do not think it is possible.  Also, and more to the point,
there's no benefit to what you are asking.

What is the problem you are hoping to solve?  If we know that perhaps
we can suggest something else.

More information about the bind-users mailing list