Using $GENERATE on KEY & TXT RRs?

Brad Knowles brad.knowles at skynet.be
Fri Aug 2 21:56:58 UTC 2002


At 1:13 PM -0400 2002/08/02, Matt Larson wrote:

>  $GENERATE is not applicable to KEY:
>  draft-ietf-dnsext-restrict-key-for-dnssec deprecates all non-DNSSEC uses
>  for KEY, confining that type to the zone apex.

	Hmm.  Do you have any idea how widely known this is?  How many of 
the IPSEC implementation teams know about this?

>                                                  The DNSSEC document
>  rewrite effort has included this sentiment; see the KEY section of
>  draft-ietf-dnsext-dnssec-records.  The restrict-KEY train has basically
>  left the station, as best as I can tell.

	Hmm.  Okay.  I'll pass this on.  Thanks!

-- 
Brad Knowles, <brad.knowles at skynet.be>

"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
     -Benjamin Franklin, Historical Review of Pennsylvania.

GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E W+++(--) N+ !w---
O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)


More information about the bind-workers mailing list