11 Led
2020
11 Led
'20
20:12
Hello Andreas,
Please note that Jan-Piet commented the DS-push feature, which is mostly
used for subzone's KSK rollover. If you want to synchronize a zone's DS
record with the TLD (.de for example), it's a different story as it
depends
on the parent zone capabilities.
Also take a look at his blog post
https://jpmens.net/2019/11/13/an-authoritative-knot/
Best,
Daniel
On 2020-01-11 13:15, A. Schulze wrote:
Hello,
I'm new to that list. Using NSD + DNSSEC + key rotation for many years.
Now I like to check if and how KNOT's auto keyrotaton can safe me from
my ugly script foo...
https://lists.nic.cz/pipermail/knot-dns-users/2019-November/001721.html
JP Mens mention "I'm rolling the KSK every five minutes for testing"
instead I reinvent the wheel: could one post the relevant settings?
Thanks,
Andreas