tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: CVS commit: src/etc/rc.d


On Sun, Aug 09, 2009 at 09:41:00AM -0400, Perry E. Metzger wrote:
> >> So don't do that.
> >
> > Don't do what?
> Don't do the DNS signature generation at the same moment that you bring
> up the name server to provide resolution services locally. There is no
> reason that you have to do things that way (and in fact, there are a lot
> of reasons not to.) BTW, I don't believe our current scripts are set up
> to do that anyway, so this is moot.

The zone provider has to generate a DNSSEC signature at the moment it
signals people to reload the zone. It does that when named starts up.
At least in modern nameds.


Attachment: pgpu16D0wjRrF.pgp
Description: PGP signature

Home | Main Index | Thread Index | Old Index