DNSSEC and MS AD
Mark Andrews
marka at isc.org
Wed Aug 10 00:20:34 UTC 2011
In message <37EB0C69-09A1-45A8-9D0E-1027CCBF8442 at gmail.com>, Chris Buxton write
s:
> The use of internal, private namespace should be entirely transparent to any
> service other than DNS. Your mail server should not need to know about it, an
> d should not be able to detect it (other than watching for private address sp
> ace and obviously-private domain names like "corp.dom").
Until it gets DANE support or something else that is DNSSEC aware, at which
time you also add the internal trust anchors.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list