[bind10-dev] Defer DDNS until after we have a signer?
Shane Kerr
shane at isc.org
Mon Nov 21 13:42:23 UTC 2011
Jinmei,
On Thu, 2011-11-17 at 09:14 -0800, JINMEI Tatuya / 神明達哉 wrote:
> At Thu, 17 Nov 2011 15:34:45 +0000,
> Stephen Morris <stephen at isc.org> wrote:
>
> > Although this ticket is only for the design and work breakdown, given
> > that we don't yet have a signer in the authoritative server, would it be
> > better to defer this work until we are closer to implementing it (i.e.
> > after we have written a signer)? Or should we proceed but disable DDNS
> > on signed zones?
>
> I thought we began with DDNS without resigning (saying it doesn't work
> for signed zones for now).
Yes, I think that's the approach to take. Or rather, if you use it on a
signed zone you have to manage the RRSIG and NSEC/NSEC3 records too.
Cheers,
--
Shane
More information about the bind10-dev
mailing list