Singing a RRSET
Alan Clegg
alan at clegg.com
Fri Mar 14 22:02:08 UTC 2014
On 3/14/14, 12:15 PM, Sergio Ramirez wrote:
> We need to sign a RRSET individually out of the zone file.
> The utilities dnssec-signzone and similars from other packages
> check the zone before signing (SOA RR, DNSKEY RR, etc).
>
> Before to do a piece of programa to do this, we wanted to know if
> there is any tool to sign just a RRSET ?
Create it in a valid zone file, sign it, then "dig" it out?
You can't sign without keys, SOA can be standard, this is _probably_
much easier to script than creating code.
AlanC
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 600 bytes
Desc: OpenPGP digital signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20140314/9750174a/attachment.bin>
More information about the bind-users
mailing list