[dns-operations] dnssec via dynamic updates
bert.hubert at powerdns.com
Fri Mar 18 16:19:43 UTC 2016
On Fri, Mar 18, 2016 at 03:51:44PM +0300, Peter Andreev wrote:
> BIND doesn't allow adding of NSEC* and DNSKEYs without supplying a private key;
> Knot doesn't allow any dnssec-related records in update query;
> Yadifa's documentation looks like it was abandoned long ago.
Have you looked at PowerDNS? For a pre-signed zone, we may just pass on your
records via dynamic updates. Or you could use our HTTP API which would
definitely not care about your record type for pre-signed zones.
Or would the hypothetical "push-AXFR" work for you?
More information about the dns-operations