[Dnsmasq-discuss] Automatic DNSSEC-signing of ressource records
Jeroen van der Ham
vdham at uva.nl
Thu Sep 11 14:50:14 BST 2014
Hi,
On 22 Aug 2014, at 16:57, Rene Bartsch <ml at bartschnet.de> wrote:
> BIND and PowerDNS can sign resource records automatically when run as primary DNS with DNSSEC. Does Dnsmasq support signing resource records automatically in authoritative mode or are there any plans to support automatic zone signing in authoritative mode?
When exactly would you want dnsmasq to run as an authoritative name server?
Note that signing records is not as simple as just flipping a switch, the key has to be trusted as well. Which means that you have to register a key at your registrar.
If it is for private use, there is no reason to use DNSSEC anyway.
Jeroen.
More information about the Dnsmasq-discuss
mailing list