On 3/10/20 4:03 PM, Mark Andrews wrote:
> Firstly don’t blindly add DS records without first checking that the DNSKEYs
> they refer to are published. DNSSEC is less tolerant of operator error and
> sometimes things go wrong. There are lots of “wait until …” in managing
> DNSSEC
> and if you don’
t; On 11 Mar 2020, at 09:39, Alan Batie wrote:
>
> I've got a test domain that I thought I had all working, but noticed the
> key signing key was missing, so I generated one and did an rndc loadkeys
> to get things updated, then generated a ds record for it and uploaded
> that
I've got a test domain that I thought I had all working, but noticed the
key signing key was missing, so I generated one and did an rndc loadkeys
to get things updated, then generated a ds record for it and uploaded
that to the registrar, however, it still shows broken, and when I look,
I see
3 matches
Mail list logo
