[Opendnssec-develop] Passing through signed zones

Jakob Schlyter jakob at kirei.se
Thu Jun 13 14:37:46 UTC 2013

On 13 jun 2013, at 15:46, Matthijs Mekking <matthijs at NLnetLabs.nl> wrote:

> Con:
> - Hijacking a policy name is a bit ugly. On the other hand, having to
> specifically mention this zone should be passed through makes it less
> likely that users configure this unintentionally. Alternatively, we
> could use a new zonelist.xml option <Pass-through/>.
> What do you think?

I'd say we should go for a <PassThrough/> (or perhaps <Transparent/>) element in the zonelist - hijacking a policy name is a slippery slope that I do not want to take.


More information about the Opendnssec-develop mailing list