[Opendnssec-user] what key's do i need to submit to Registar.
Bas van den Dikkenberg
bas at Dikkenberg.net
Mon Aug 25 09:40:17 UTC 2014
I plan to have 2 standby keys as far as I onderstand I have to publish at least the active key and both the standby keys right ?
Wat about the with status retired(not dead)
-----Oorspronkelijk bericht-----
Van: Klaus Darilion [mailto:klaus.mailinglists at pernau.at]
Verzonden: maandag 25 augustus 2014 11:08
Aan: Bas van den Dikkenberg; Opendnssec-user at lists.opendnssec.org
Onderwerp: Re: [Opendnssec-user] what key's do i need to submit to Registar.
On 23.08.2014 17:16, Bas van den Dikkenberg wrote:
> Hi ,
>
>
>
> A question about the key states, I am the process of scripting the
> updating the KSK to my registerars.
>
>
>
> Does the output of ods-ksmutil key export -zone zome.tld provide me
> the keys I need to publish to the registar/tld
>
>
>
> Do retire and publish also needed to be included ?
It depends on your KSK rollover method. See:
http://tools.ietf.org/html/draft-ietf-dnsop-dnssec-key-timing-04#section-2.2
regards
Klaus
More information about the Opendnssec-user
mailing list