A New Key…

Tuesday 21st March, 2017Tuesday 21st March, 2017 ~ Karl ~ 1 Comment

Further to my post on ICANN's automated KSK testlab, ICANN generated a new key on the 19th, and added it to the test zone that we're using, and we can see it below: Key 19741 is a new KSK in the zone. If you look in managed-keys.bind (I'm running Debian, and so that's in /var/cache/bind/) you'll … Continue reading A New Key…

Rolling, rolling, rolling…

Friday 17th March, 2017Tuesday 21st March, 2017 ~ Karl ~ 1 Comment

In October 2017, ICANN are going to roll the key signing key in the root of the DNS. If you run a validating recursive resolver, read on...

DNSSEC BIND Configuration Summary & Cool Stuff

Friday 20th August, 2010Tuesday 21st March, 2017 ~ Karl ~ Leave a comment

Introduction With the recent signing of the root, I've discovered a sudden interest in DNSSEC, and decided to have a go myself to aid my understanding of it. This article is written as an aid-memoir to me, and summary of the bits I've read. Of course, I've provided links to the whole blog entries I … Continue reading DNSSEC BIND Configuration Summary & Cool Stuff