[DNSSEC] SERVFAIL when resolving ".gov" through DLV
Mark Andrews
Mark_Andrews at isc.org
Wed May 6 07:05:01 UTC 2009
In message <1241593258.1629.60.camel at ilinux>, Mark Elkins writes:
> On Tue, 2009-05-05 at 13:45 -0500, Jeremy C. Reed wrote:
> > On Tue, 5 May 2009, Stephane Bortzmeyer wrote:
> >
> > > This is a BIND 9.5.1-P1, Debian package. It is configured to use ISC's
> > > DLV:
> >
> > https://www.isc.org/node/437
>
> Question on using "trusted-keys":
>
> There are two public sources of "trusted-keys" - ISC's DLV via
> http://ftp.isc.org/www/dlv/dlv.isc.org.named.conf and Iana's ITAR via
> https://itar.iana.org/anchors/anchors.xml (though this needs to be
> 'expanded').
> One might also have one's own personal list for local use?
>
>
> Some sections in "named.conf" should logically only be there once (eg,
> options and logging), some should be there multiple times (zone
> definitions).
>
> Can "trusted-keys" be defined multiple times?
Yes.
> - or should there only be
> one trusted-keys section? I know multiple keys in one trusted-keys
> section works just fine - which might imply one can only have one
> trusted-key definition?
>
> A 'man named.conf' is not immediately obvious about this.
>
> --
> . . ___. .__ Posix Systems - Sth Africa. e.164 VOIP ready
> /| /| / /__ mje at posix.co.za - Mark J Elkins, Cisco CCIE
> / |/ |ARK \_/ /__ LKINS Tel: +27 12 807 0590 Cell: +27 82 601 0496
>
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users
mailing list