dnssec subzone not signed question
jim
glass4545 at gmail.com
Wed Dec 22 23:49:53 UTC 2010
Hi Alan,
Sorry, still needing spoon fed.
When you say DS record in the parent, would this be .example.edu or my
parent .edu
The end result is get example.edu as a dnssec secured zone by getting a DS
record in .edu
So it sounds like when I do upload the example.edu DS record to .edu, my
subdomain.example.edu will break, I will need to sign every zone inside
example.edu?
thanks!
On Wed, Dec 22, 2010 at 4:14 PM, Alan Clegg <aclegg at isc.org> wrote:
>
> > Showing my ignorance, can I
> > Just not sign the dynamic subzones, wirelessN/buildingN.example.edu
> > <http://buildingN.example.edu>, even though example.edu
> > <http://example.edu> is signed?
>
> Sure. As long as you don't put a DS record in the parent, you most
> certainly don't HAVE to sign the child zones.
>
> AlanC
>
>
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20101222/2d65da22/attachment.html>
More information about the bind-users
mailing list