a doubt about dnssec
Bèrto ëd Sèra
berto.d.sera at gmail.com
Sun Oct 10 15:38:09 UTC 2010
Hi all,
very n00by set of doubts following:
1) what's the point in using dnssec, if the secondary nameserver at my ISP
doesn't use it?
2) I see in some guides (for example,
http://ru.gentoo-wiki.com/wiki/%D0%9D%D0%B0%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B0_%D0%BF%D0%BE%D1%87%D1%82%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE_%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%D0%B0_(Postfix,_Dovecot,_DSpam,_SQLGrey,_DomainKeys,_SPF)#.D0.9D.D0.B0.D1.81.D1.82.D1.80.D0.BE.D0.B9.D0.BA.D0.B0_BIND_.2F_DNSSEC
)
that a
key xfer_key {
algorithm hmac-sha512;
secret "SECRET-KEY";
};
is used. Now shouldn't this be useless in my situation? So I'd simply use
acl "xfer" {
/* This is the secondary DNS to which we will forward all queries */
x.x.x.x;
};
correct?
3) I'm serving idn domains (localized domains) is there any special setting
I should use?
Thanks
Bèrto
--
==============================
Constitution du 24 juin 1793 - Article 35. - Quand le gouvernement viole les
droits du peuple, l'insurrection est, pour le peuple et pour chaque portion
du peuple, le plus sacré des droits et le plus indispensable des devoirs.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20101010/82b4890f/attachment.html>
More information about the bind-users
mailing list