dnssec and chaos view

2011-12-01 Thread ben thielsen
I'm seeing unexpected behavior that seems to be related to using dnssec and having a view defined for the chaos class. named complains:
01-Dec-2011 22:47:34.712 general: info: managed-keys-zone ./IN/default: loaded serial 11
01-Dec-2011 22:47:34.712 general: error: managed-keys-zone ./CH/chaos:

Dell TPM, was Re: dnssec-keygen not responding

2011-12-01 Thread Paul Wouters
On Thu, 1 Dec 2011, Warren Kumari wrote: Yeah, a number of motherboards now come with TPMs that include hardware RNGs... My current personal server (Dell R710) has just such a beastie -- there is some info here: http://domsch.com/blog/?p=107 and I *think* that the rng-tools package now suppor

Re: How to identify a "raw" zone file

2011-12-01 Thread Evan Hunt
> I've looked at a few of them, and I noticed that all the ones I've seen
> start with the four-octet string "00 00 00 02". Is that sufficient?
I'd recommend checking the next four octets as well; they'll be "00 00 00 00" or "00 00 00 01". The first of those is the format that's always been used

Re: dnssec-keygen not responding

2011-12-01 Thread Warren Kumari
Yeah, a number of motherboards now come with TPMs that include hardware RNGs... My current personal server (Dell R710) has just such a beastie -- there is some info here: http://domsch.com/blog/?p=107 and I *think* that the rng-tools package now supports it natively I spent *many* hours fut

How to identify a "raw" zone file

2011-12-01 Thread Mark Pettit
With the pending release of BIND 9.9.0, and the beta testing my company is currently doing, we've realized we need a good way to detect zone file type and convert it. Is there any simple way to look at a file and quickly determine whether or not it's a BIND "raw" format zonefile, as opposed to

Re: dnssec-keygen not responding

2011-12-01 Thread Paul Wouters
On Thu, 1 Dec 2011, Michael Graff wrote: I'm using an Araneus Alea I, from http://www.araneus.fi/products-alea-eng.html. I'm sure others would work as well. I know the creator of this device personally though, so it's the one sticking out of the back of the box I own. :) At 150 EURO, its

Re: 9.9.0b2 Key Expiration Question

2011-12-01 Thread Paul Wouters
On Thu, 1 Dec 2011, Chris Thompson wrote: I think that because you have told it to inactivate and indeed delete both ZSKs, in desperation it has signed the whole zone with the only remaining key, even though it has the SEP bit set. The SEP bit does not mean "do not sign zone data". It mean

Re: 9.9.0b2 Key Expiration Question

2011-12-01 Thread Chris Thompson
On Dec 1 2011, McConville, Kevin wrote: Hopefully this is a "duh" moment that I'm having. I am testing out what happens when you have set the ZSK inactive and delete times and then try to sign the zone via a rndc reload zonename command (using static zone file with inline signing). We have 3 ke

Re: Entropy hardware [was: dnssec-keygen not responding]

2011-12-01 Thread Jan-Piet Mens
Thanks Michael, and Hauke. I've had relatively good prior experience with Haveged [1], but I've always wanted to experiment with a USB random generator. Both the Araneus Alea [2] and the Entropy Key [3] look very interesting. I'd heard of the latter previously, and I've ordered that because the A

9.9.0b2 Key Expiration Question

2011-12-01 Thread McConville, Kevin
Hopefully this is a "duh" moment that I'm having. I am testing out what happens when you have set the ZSK inactive and delete times and then try to sign the zone via a rndc reload zonename command (using static zone file with inline signing). We have 3 keys as listed below: KSK - 63406 ZSK - 1

Re: dnssec-keygen not responding

2011-12-01 Thread Michael Graff
I'm using an Araneus Alea I, from http://www.araneus.fi/products-alea-eng.html. I'm sure others would work as well. I know the creator of this device personally though, so it's the one sticking out of the back of the box I own. :) As for the daemon, well, I may have to find the time to clean

Re: dnssec-keygen not responding

2011-12-01 Thread Hauke Lampe
Jan-Piet Mens wrote:
- Original message -
> Would you be willing to give us a few more details, such as the name of
> the USB random source generator (is it an Entropy Key)?
>
> Of course, if you do tell us what hardware you're using, the next thing
> will be we'll want a copy of your

Re: dnssec-keygen not responding

2011-12-01 Thread Jan-Piet Mens
On Wed Nov 30 2011 at 20:45:30 CET, Michael Graff wrote:
> For my VM environment, I bought a USB random source, and share it
> across the VMs with a little daemon I wrote.
Would you be willing to give us a few more details, such as the name of the USB random source generator (is it an Entropy Ke