[dns-operations] signing reverse zones

cgielen+dnsoarc at gielen.name cgielen+dnsoarc at gielen.name
Tue Feb 11 09:22:00 UTC 2014


op 11-02-14 00:47, Mark Boolootian schreef:
> I'm interested in knowing if it is standard practice amongst folks to
> sign .arpa zones.  Is there a compelling use case for signing reverse
> zones?

If it's worth publishing, it's worth securing. Besides, differentiating
between zones that are signed and zones that are not would make my
infrastructure more complicated.
-- 
Casper Gielen <cgielen at uvt.nl> | LIS UNIX
PGP fingerprint = 16BD 2C9F 8156 C242 F981  63B8 2214 083C F80E 4AF7

Universiteit van Tilburg | Postbus 90153, 5000 LE
Warandelaan 2 | Telefoon 013 466 4100 | G 236 | http://www.uvt.nl



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 242 bytes
Desc: OpenPGP digital signature
URL: <http://lists.dns-oarc.net/pipermail/dns-operations/attachments/20140211/55e8afe3/attachment.sig>


More information about the dns-operations mailing list