14 Úno
2011
14 Úno
'11
11:35
Hi Julian,
DNSSEC support in Fred consists of manipulation with KeySet object. It's
purpose is similar to NSSet. While NSSet is container for information
that result in generation of NS and A records into zonefile, Keyset
holds a key material that result in generation of DS records into
zonefile. Keyset object can be managed the same way as NSSet using EPP
protocol.
This way domain owners are allowed to publish they keys (or key
signatures) in FRED managed zonefile.
Of course this is just one half of DNSSEC. The other half is securing
generated zonefile itself. But this is already covered by other tools,
so it's not part of FRED. You can use either Bind-tools
(dnssec-keygen/dnssec-signzone) or OpenDNSSEC.
Regards,
Jaromir
On Mon, 2011-02-14 at 12:10 +1000, Julian DeMarchi wrote:
On 02/08/2011 08:52 PM, Julian De Marchi wrote:
--
Jaromir Talir
technicky reditel / Chief Technical Officer
-------------------------------------------
CZ.NIC, z.s.p.o. -- .cz domain registry
Americka 23, 120 00 Praha 2, Czech Republic
mailto:jaromir.talir@nic.cz http://nic.cz/
sip:jaromir.talir@nic.cz tel:+420.222745107
mob:+420.739632712 fax:+420.222745112
-------------------------------------------
heya--
I was wondering if fred supports dnssec? I can not seem to find any
information regarding this. The fred tools do not have any options
that I can see either.
*BUMP*
_______________________________________________
fred-users mailing list
fred-users(a)lists.nic.cz
https://lists.nic.cz/mailman/listinfo/fred-users