[Opendnssec-user] Null or Pass-thru signing algorithm?
Rick van Rein
rick at openfortress.nl
Sun Sep 4 07:30:17 UTC 2011
Hello,
There has been talk of a "null" or "pass-through" algorithm
for OpenDNSSEC in the past. Switching between signed and
unsigned mode would be a matter of changing signing policy,
but all zone material would pass through OpenDNSSEC (with
possible modifications to SOA serial numbers, I suppose).
I cannot find back in the 1.3.x documentation how this should
be setup; has it been incorporated in this version? It would
dramatically simplify our setup -- making it more statically
configured and less worries about SOA counting.
Thanks,
-Rick
More information about the Opendnssec-user
mailing list