[dns-operations] Signing of the ARPA zone
Keith Mitchell
keith at isc.org
Fri Mar 26 19:22:46 UTC 2010
Simon Leinen wrote:
> Yes. Apparently if you use BIND (latest & greatest 9.7.0), and
> install new trusted keys, you are expected to flush some entries from
> the cache;
Note that the "latest & greatest" BIND9 is 9.7.0-P1:
http://www.isc.org/software/bind/970-p1
The -P1 patch addresses the issues raised in the various "roll over &
die" postings/presentations. I don't think whether you are running 9.7.0
or 9.7.0-P1 is material to Simon's issue (though we will of course check
this) but just wanted to flag to folks here if you're running 9.7.0 it's
important you upgrade to this patch.
Keith
More information about the dns-operations
mailing list