kasp-policy and catalog zones
matthijs at isc.org
Tue Sep 22 14:17:54 UTC 2020
There are no plans for this.
While technically a secondary can have a "dnssec-policy" statement
(acting as a bump-in-the-wire signer), signing a zone is mainly a
primary server responsibility and a policy configuration does not need
to be transferred to its secondaries.
For now I would suggest just add the zone with `rndc addzone` to the
primary or update the primary name server configuration and add the
On 9/18/20 7:52 PM, BÖSCH Christian wrote:
> Is there a plan when the option for KASP "dnssec-policy" within
> a catalog member zone will be available?
> Just like with allow-transfer.catalog.example. IN APL ….
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
> bind-users mailing list
> bind-users at lists.isc.org
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 488 bytes
Desc: OpenPGP digital signature
More information about the bind-users