Re: Questions about DNSSEC in Bind

2019-10-10 Thread Ondřej Surý
TL;DR use ECDSA, single algorithm https://tools.ietf.org/html/rfc8624 -- Ondřej Surý ond...@isc.org > On 11 Oct 2019, at 08:38, ego...@sarenet.es wrote: > > Good afternoon, > > I would like to ask you some questions about DNSSEC, which I have not been > able to clarify by my own, reading docu

Questions about DNSSEC in Bind

2019-10-10 Thread ego...@sarenet.es
Good afternoon, I would like to ask you some questions about DNSSEC, which I have not been able to clarify by my own, reading documentation or testing… they are these ones : - Is it important or should be signed the whole zone with a “compatible" algorithm as SHA1 and with a stronger one like

Re: Would/Could/Should

2019-10-10 Thread Jim Popovitch via bind-users
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Thu, 2019-10-10 at 10:39 -0400, Jim Popovitch via bind-users wrote: > Hello! > > Is this a language/translation issue, or is named telling me that it > would but didn't limit? > > > Oct 10 00:57:21 ns2 named[623]: would limit REFUSED error resp

Would/Could/Should

2019-10-10 Thread Jim Popovitch via bind-users
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hello! Is this a language/translation issue, or is named telling me that it would but didn't limit? Oct 10 00:57:21 ns2 named[623]: would limit REFUSED error responses to 2404:6800:4003:c00::/56 Oct 10 00:58:35 ns2 named[623]: would stop limiting

Re: CloudSmith repository missing

2019-10-10 Thread Victoria Risk
Matt, We have a stable set of packages now. I just published a Knowledgebase article on our packages which we are committed to keeping up to date. https://kb.isc.org/docs/isc-packages-for-bind-9 Vicky _