[dns-operations] DS keys for child zones on same server & inline signing
Tony Finch
dot at dotat.at
Fri Mar 15 11:22:06 UTC 2013
Phil Pennock <dnsop+phil at spodhuis.org> wrote:
This is a bit BIND-specific so you might get a better answer on the
bind-users list...
> My understanding is that DS records "belong" to the parent zone, above
> the cut, so I'd added the DS records to globnix.net itself, and forced a
> zone reload of the children and of that zone, which should trigger
> automatic re-signing, per "auto-dnssec maintain". I think.
I believe that is right, though I haven't tried it. What did named log
when you asked it to reload the zones?
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
Forties, Cromarty: East, veering southeast, 4 or 5, occasionally 6 at first.
Rough, becoming slight or moderate. Showers, rain at first. Moderate or good,
occasionally poor at first.
More information about the dns-operations
mailing list