30 Lis
2020
30 Lis
'20
16:48
On Mon, 30 Nov 2020 08:32:51 -0700
Paul Ebersman <list-knot-dns-users(a)dragon.net> wrote:
libor.peltan> ...and (if I understand this idea
correctly) since every
libor.peltan> server would have different KSK, you would need multiple
libor.peltan> DS in the parent zone (the parent must allow it).
This has to be allowed or you can't roll the KSK yourself.
You only need one DS record at time for that. You replace old DS with
new one when you do roll over.
--
Tuomo Soini <tis(a)foobar.fi>
Foobar Linux services
+358 40 5240030
Foobar Oy <https://foobar.fi/>