On 07.06.2017 20:39, Samuel Sieb wrote:
exact this is my setup - but just with a .local, which I will rename to a .home, but this will take a week or so, e.g. I've to regenerate my local CA (there this .local must be changed to .home, too)On 06/07/2017 11:29 AM, Mike Wright wrote:On 06/07/2017 11:19 AM, Samuel Sieb wrote:On 06/07/2017 10:17 AM, Mike Wright wrote:I don't see any reason that you couldn't use that. My only concern is that recursive/caching nameservers would 1) have to be configured not to "phone home" to the root-servers for .home or 2) resolvers of the future would have to be smart enough to not do that either.The point is that you would have your own name server that isauthoritative for that domain. Then it won't try recursively resolving it.Of course. You'd have to have an authority server. But at the same time you can't use your authority server for lookups where you are not the authority: hence, a resolver. And the resolver must be aware of which authority to contact for non-root TLDs.I'm not sure what you're trying to say here, this is the standard setup. The DNS server on the internal network is authoritative for a certain set of domains. Anything other than that is automatically resolved recursively. Why would it be any different for the .home domain?
SSL certificates must be changed, ...
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx