root and in-addr.arpa zone transfers
Michael Monnerie
michael.monnerie at is.it-management.at
Thu Sep 10 10:31:45 UTC 2009
On Donnerstag 10 September 2009 Stephane Bortzmeyer wrote:
> > right now I'm using scripts to download root.zone and in-addr.arpa
> > from internic.net. But this is a non-standard way,
>
> But a secure way since the files on internic.net are PGP-signed.
>
> > I'd prefer to directly slave and zone-transfer those 2 zones.
>
> That's widely regarded as a bad practice.
>
> FreeBSD backed off:
> <http://lists.freebsd.org/pipermail/freebsd-stable/2007-August/036545
>.html>
>
> Why it is a bad idea:
> <http://lists.freebsd.org/pipermail/freebsd-stable/2007-August/036470
>.html>
>
> Discussion:
> <https://lists.dns-oarc.net/pipermail/dns-operations/2007-August/0018
>91.html>
Merci beaucoup, Stephane,
that's a clear statement, so I'll keep the ftp transfers.
mfg zmi
--
// Michael Monnerie, Ing.BSc ----- http://it-management.at
// Tel: 0660 / 415 65 31 .network.your.ideas.
// PGP Key: "curl -s http://zmi.at/zmi.asc | gpg --import"
// Fingerprint: AC19 F9D5 36ED CD8A EF38 500E CE14 91F7 1C12 09B4
// Keyserver: wwwkeys.eu.pgp.net Key-ID: 1C1209B4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20090910/c519e70f/attachment.bin>
More information about the bind-users
mailing list