Re: DNSSEC

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Hi,

It's enabled by default if BIND is the right version nothing needs to be done.

I found it kind of sad that the version of BIND that comes with the latest version of CentOS 4 is so old that it doesn't support DNSSEC.

thanks,
-Drew
XLHost.com
-----Original Message-----
From: centos-bounces@xxxxxxxxxx [mailto:centos-bounces@xxxxxxxxxx] On Behalf Of m.roth@xxxxxxxxx
Sent: Friday, April 30, 2010 1:07 PM
To: CentOS mailing list
Subject:  DNSSEC

Well, folks,

   There's an article on slashdot,
<http://tech.slashdot.org/article.pl?sid=10/04/30/1258234>

Excerpt:
...the coming milestone of May 5, at 17:00 UTC - at this time DNSSEC will
be rolled out across all 13 root servers. Some Internet users, especially
those inside corporations and behind smaller ISPs, may experience
intermittent problems. The reason is that some older networking equipment
is pre-configured to block any reply to a DNS request that exceeds 512
bytes in size. DNSSEC replies are typically four times as large.
--- end excerpt ---

I followed the link from the story to
<https://www.dns-oarc.net/oarc/services/replysizetest>, a coordinating
organization, and tried their test (as root):
 dig +short rs.dns-oarc.net txt

And see that where I work, we're not ready. Is anyone following this,
and/or have a HOWTO on enabling it for CentOS?

         mark (need to check this at home, too)

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux