DNSSEC: support for single keys?
Mark Andrews
marka at isc.org
Wed Sep 11 22:46:26 UTC 2013
In message <523080DD.6010400 at restena.lu>, Gilles Massen writes:
> Hi,
>
> Do you know if Bind with auto-dnssec maintain + inline-signing is
> supposed to work with a single key (i.e. not a KSK + ZSK)?
>
> I'm seeing weird things (multiple RRSIGs when enabling NSEC3) so I'd
> like to know if these are likely to be bugs or if I'm in unchartered
> territory...
Fixed in the next maintainence release.
3635. [bug] Signatures were not being removed from a zone with
only KSK keys for a algorithm. [RT #24439]
> Gilles
>
> --
> Fondation RESTENA - DNS-LU
> 6, rue Coudenhove-Kalergi
> L-1359 Luxembourg
> tel: (+352) 424409
> fax: (+352) 422473
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list