[dns-operations] Strange effect

Taras Heychenko tasic at hostmaster.ua
Fri Feb 24 10:57:26 UTC 2017


> On Feb 23, 2017, at 20:37, Viktor Dukhovni <ietf-dane at dukhovni.org> wrote:
> 
> 
>> On Feb 23, 2017, at 11:42 AM, Taras Heychenko <tasic at hostmaster.ua> wrote:
>> 
>> Thank you for explanation. Looks like that hostmaster of omnilance.com forgot
>> to remove record about the domain from DLV when make domain unsigned again.
> 
> Well, they shouldn't have to bother anymore.  The real problem is continued
> use of DLV.  Best to remove the DLV trust-anchor keys from your resolver
> configurations so that look-aside can't possibly work.

I begin my first letter from word "accidentally". Of course we remove this option
from named.conf. But I know places where named.conf was not seen by admin for years.
Because it just works and bind update does not force admin to review of named.conf
(It is good IMHO :) ). So hostmaster of the domain should do all possible to make domain works
for resolvers with a few old config also. JIMHO.

> 
> -- 
> 	Viktor.
> 
> 
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-operations mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations

--
Best regards

Taras Heychenko
tasic at hostmaster.ua









More information about the dns-operations mailing list