[Opendnssec-user] Reverse zones?

Jimmy Bergman jimmy at sigint.se
Thu Mar 8 12:34:40 UTC 2012


Hi

> Not trying to start a flame war, but the logical conclusion is that
> for many use cases you
> will gain a tiny bit of security by not signing your IPv6 reverse
> zones - since the actual impact
> of cache poisoning on reverse zones might be more limited than that of
> easy enumeration
> of the network. :-)

Assuming that Olafs answer was limited to signed zones, which of course
it wasn't. How embarrasing. :-)

I will get back under my lurking rock now.

/Jimmy



More information about the Opendnssec-user mailing list