On Wed, 2019-02-13 at 16:52 +0100, Daniel Salzman wrote:
If you want to use on-slave signing, your topology should be like:
hidden_master(Bind)->signing_slave(Knot)->slave1, slave2, ...
Because if you signed the zone on more slaves, you had to somehow synchronize the signing (keys, ...).

I'm genuinely curious as to why someone would do this. Is it in order
to add DNSSEC without modifying Bind? If so, wouldn't it just be easier
to dump Bind and make Knot the master?
-Jim P.
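
The topology from the quoted message, sketched as a Knot DNS configuration for the signing slave. This is an added example, not part of the original thread; the zone name, the remote and ACL ids, and the addresses (RFC 5737 documentation ranges) are assumptions.

```yaml
# knot.conf on the signing slave (all names and addresses are constructed)
remote:
  - id: hidden_master          # the Bind hidden master
    address: 192.0.2.1@53
  - id: slave1
    address: 198.51.100.11@53
  - id: slave2
    address: 198.51.100.12@53

acl:
  - id: notify_from_master     # accept NOTIFY only from the hidden master
    address: 192.0.2.1
    action: notify
  - id: transfer_to_slaves     # allow zone transfers only to the public slaves
    address: [198.51.100.11, 198.51.100.12]
    action: transfer

zone:
  - domain: example.com
    master: hidden_master      # unsigned zone arrives by zone transfer
    notify: [slave1, slave2]   # signed zone is announced downstream
    acl: [notify_from_master, transfer_to_slaves]
    dnssec-signing: on         # signing keys exist on this one server only
```

Because signing happens on a single host, slave1 and slave2 only transfer the already signed zone and hold no key material.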