Using $GENERATE on KEY & TXT RRs?
Brad Knowles
brad.knowles at skynet.be
Fri Aug 2 21:56:58 UTC 2002
At 1:13 PM -0400 2002/08/02, Matt Larson wrote:
> $GENERATE is not applicable to KEY:
> draft-ietf-dnsext-restrict-key-for-dnssec deprecates all non-DNSSEC uses
> for KEY, confining that type to the zone apex.
Hmm. Do you have any idea how widely known this is? How many of
the IPSEC implementation teams know about this?
> The DNSSEC document
> rewrite effort has included this sentiment; see the KEY section of
> draft-ietf-dnsext-dnssec-records. The restrict-KEY train has basically
> left the station, as best as I can tell.
Hmm. Okay. I'll pass this on. Thanks!
--
Brad Knowles, <brad.knowles at skynet.be>
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-Benjamin Franklin, Historical Review of Pennsylvania.
GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E W+++(--) N+ !w---
O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)
More information about the bind-workers
mailing list