[dns-operations] Signing of the ARPA zone

Keith Mitchell keith at isc.org
Fri Mar 26 19:22:46 UTC 2010

Simon Leinen wrote:

> Yes.  Apparently if you use BIND (latest & greatest 9.7.0), and 
> install new trusted keys, you are expected to flush some entries from
>  the cache;

Note that the "latest & greatest" BIND9 is 9.7.0-P1:


The -P1 patch addresses the issues raised in the various "roll over &
die" postings/presentations. I don't think whether you are running 9.7.0
or 9.7.0-P1 is material to Simon's issue (though we will of course check
this) but just wanted to flag to folks here if you're running 9.7.0 it's
important you upgrade to this patch.


More information about the dns-operations mailing list