Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.protocols.dns.bind > #15941
| Path | csiph.com!aioe.org!news.etla.org!nntp-feed.chiark.greenend.org.uk!ewrotcd!usenet-its.stanford.edu!usenet.stanford.edu!not-for-mail |
|---|---|
| From | Daniel Stirnimann <daniel.stirnimann@switch.ch> |
| Newsgroups | comp.protocols.dns.bind |
| Subject | Re: AW: How to prepublish additional DNSKEY |
| Date | Thu, 9 Jul 2020 12:43:57 +0200 |
| Lines | 18 |
| Approved | bind-users@lists.isc.org |
| Message-ID | <mailman.662.1594291431.942.bind-users@lists.isc.org> (permalink) |
| References | <3E18C1A0C550C44DA156DA5DA8ECCC6AB622808F@NICS-EXCH2.sbg.nic.at> <alpine.DEB.2.20.2007081628490.9145@grey.csi.cam.ac.uk> <3E18C1A0C550C44DA156DA5DA8ECCC6AB622A510@NICS-EXCH2.sbg.nic.at> <8bfafdd3-edb6-8e2a-e20b-d4d094cb7c32@switch.ch> |
| NNTP-Posting-Host | lists.isc.org |
| Mime-Version | 1.0 |
| Content-Type | text/plain; charset="utf-8" |
| Content-Transfer-Encoding | 7bit |
| X-Trace | usenet.stanford.edu 1594291466 11567 149.20.1.60 (9 Jul 2020 10:44:26 GMT) |
| X-Complaints-To | action@cs.stanford.edu |
| Cc | "bind-users@lists.isc.org" <bind-users@lists.isc.org> |
| To | Klaus Darilion <klaus.darilion@nic.at> |
| Return-Path | <daniel.stirnimann@switch.ch> |
| X-Original-To | bind-users@lists.isc.org |
| Delivered-To | bind-users@lists.isc.org |
| X-Virus-Scanned | by SpamTitan at switch.ch |
| DKIM-Signature | v=1; a=rsa-sha256; c=simple/simple; d=switch.ch; s=selector1; t=1594291452; bh=noKw4fIYk8VkxDYlvTIc1uzIhDKJ7WS9S92/NTgx78k=; h=Subject:To:CC:References:From:Date:In-Reply-To; b=QoCRNSDrsSd+V4vndje65/CPTTyDq61tqfUYcp932uosOeRpEJFnBvLR6bWZQAI0u aT8FFoPbWrHxMZO+h50Zw92lh+ufSzCvosw8tnmd7rOvB8nErjiFyX0wJAkG53me7F EvmtZe8wO2UI6usvx3UaDLckxBthGcD+Un4CXJCiTp18rOdzQmU/TFeYQY06XBQvEW opD7pCwgauOiKomoYuXi22ouCavfSPZeXm4cbmF0uNxkBaMOkoEclcH/J9imxoP95f 210HEj2buW5NwYfvWS0X1w5edhqG5qN0kgy6IDghXikFfjcuwdezT9mpjRZjvV8nzk nqLOvlD2BFz+A== |
| Authentication-Results | mx1.switch.ch; none |
| Autocrypt | addr=daniel.stirnimann@switch.ch; keydata= mQINBFVNyCoBEADJDVcf9JYFy2yd72s3B8GMNcfHrke7eoX6IZjL47g3/tFAWTy9HJwt6dBH OkW9/wb7W8BorMIWwE/+kBKahUSmhEc4aSEksjensTSG6WTGAbUvxFM9KhwkxjJpQLqOPyk6 6mEYXgNMZiXRo02kysbV+uRZHxZ7AzGNZ7bVNJ01Nwu9ShRFANqmHrpE7Uf9vzb4aG+6lIZu 1Y++X7tWzGZTf0IVboNyisHODq442J2UcEwEj//gayRjn3WiCT/CKt/aD203eet9RIEm/uTl 0JxWndNyp5C4LVFii/AWy127aBFbnirUxJzOBHfQoGodWPu1dmzizgWXF/C36QtNyJQzDhyC ts9PzGFMv8mq2js902m7VwtMGTap6drux6+z/kEpnlXdyUR9BYwvalPE0huNkcH+r5gWT46l 6fzKCJ7VIAdn1GBZS3dYRoZQ1QMMugi68yHnqIdWy3s0gJ4IFkjuThK+Rx88pwSyjxKOKLOB 3yuG1uWb0o2HN+5TTU/I+Wvg3EvfzscF/Gazj1DuyTjiCZghA2lnU2Feob8oDHE/krmu7xSl Kp+uTDCefKzNtPi6R0BN2OVCUBnjoWkyFZroFd80RlFZTswlKaIrS8h6AoTeDpmmhpDfrpjY 1lWZbPxaRP5NMZ/W9JXru8G3fgEuLcrIVx4xtyc/7hqm+eVLhwARAQABtC9EYW5pZWwgU3Rp cm5pbWFubiA8ZGFuaWVsLnN0aXJuaW1hbm5Ac3dpdGNoLmNoPokCNwQTAQgAIQUCVU3IKgIb AwULCQgHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRDYNlcskS2oyB6gEACm0s2onItKmp7Y76pt M1RedVPM21wIhc5YtmaOJQxz+YLaROXijbaijn2veW9/XsJ+3qKjJvgzmeU4NswHuRHS7kuA tDXlcTqkZqZYeJWAQvvWCw7CNlGaufzXz6u9/hs9ITEQKOVY+3apX0bZmbcZqldK0mERA9m2 ZwsT1Z3NZIHuoUsfjv6PqOf2xfLBjOk+5pwsQNPXlM3KlIRHr69xHqfpm38343focf4mPETb 7WLjYPmDsQIZRdnO24+uGTxu0FDWe8SQNKUDB4i4zyVNB4R/tJM81TRVVC6RDiYM1lqMybSO +0p8cO/LAeurSCyyNpZJXJnq3lQGCzPc1OqbqnvSedQRXQUfav3p6H5q7s2g7KqiW/rAWT0E NjRJxSCzg82TOld3RfXw7ELVztNuYNnlYAlGl5/b3J4nUHhfU11h3iCmNZNgAcSkjuNeftLt BfHqlqpnmzIrQhF6g3qCN+yaaVLXvyRuK080BMa+C8jIp1LuLhcKlXNBO3vt/eQDOyDzubCx 6mrRBJOYW7+/souL1hbqppsWYYwQPJe4CW7B58SFwwyWoPQoq2O7H70vfD+9wD4biQQ7mmwY tQkVGVAlUHiTt8/Vl4/YWdIkZWZ6xdEWJv67lbJ3PAyzbwsh0hPefx/BI3efKRbUrvVc3Lb6 6Yl+jNkk9rokJCBOyrkCDQRVTcgqARAAuiGwPInrgsfjxQGxqhxFHsh4sAb5+DDNURlc1rt+ A/DMOk2EysPqZtiV2AYeLcHjSxItSIp395vgtHtljpOoCkBanWsWpYtQAER9W6JrubczZ1mN GCSkziXjT1FWuVReTG84YVt/Mi0kN7GD8Bg8B+sEdcOG717zmvUFnkHIRKbMHt/KTIqBIOsI xSRlgT/NBUAjo2yofANS0a12IJxghL0jMQfoxpu9IoZ5gZbziUXDOLj+K3kP8Lh/6cOglArd 7a4GlDBIeCtHt3/iox1r6hBPF+6g4ZI7lbEjAykEDyQIxLxl2pWc9rsrMJJx2W5pktwWX2Q9 VCtL9t5cWMHgg0pqig50N2MOiOWY6fDH9DzvcXbzUw04db1aJF4flSu0N52B9KSlBbuhcJin FM/mi8v2YJf62xwkOAkdmJlaVzLweuARaLMcO6cS50LtWF/rJfo2wbPk2ytMFRIAwFoPMf99 LhP68k9Qgsra4GBKRf6IZ4jxpgg//kOYXTsFdG96pCfoOSit8imSQJaz4Q34dGPUVf+K9LtT OAhRqf7rTceK30PiGV77ULGtraFm8SQpRXma5dxqzFzD/rA0JfpODeipgCAox+C/xj51FkSJ Wmkje8xKfuwPzRCWIeOPwPUtkTZmbZ133BJqhuQ5fJ2akELel0+NRoPjJSGcgNHYk3sAEQEA AYkCHwQYAQgACQUCVU3IKgIbDAAKCRDYNlcskS2oyHLDEACsa0icacTUohU2O12FJVf3cQVR ExLJhAQPWNLyU/ubwzK534X5VutTCeT5/gqBBuVBPTuw30mor9WmEKM4Bl5A77ezVDVonLRi QaSbzmXCSZSBozTQYlHHC3KOLEz1ZtcJLzwR6LljZb49m8JGxX70y6YxRZ1Ozzn43vIZxEp9 BBTPfiDNcCCxQb2P+O7N8etcYiflJwTPxfCtovWtNgjOAFG6QD0TdPrVyV30vZu8FylqzWWw 9SqkpRhNJBBilOAS+/J8/BUp5bmCfYUNvnUD1htaAJWuWW6WYfRdc7DkpQ73odYIJQwMeVpY t3sZuXrea+V/DUNEZDydD+/KLyN3gjr/gGe3S9xZT9nB47S/qZnOTV1F9w0h3Ut2PWN1uCjr zH8Cnji5SQgCdVKE7ytuZsmnh0k23vg9U2D46VC84/c4CXc/vWLzQCtq8HIy4lXEy1p/47dN rPDJ8G5ChtbHab0n+QDiezbZa79ACQ3TkGmH4Fo35anZCmFwqINJLve7SRzY+CCawpyTaJBz 2J/3ktd1SwxQekMS0z2MCwWv0Xy0dunATNZEks+8GdVrpN6nqzWP73o3dv9K0SWoDSfTYkj4 eel7GJ3XKKpxu08PBigd64gTgPUIqG+ZRPnBQzfuY3f2DURL/J4SlpmUfGBVVeU8+SNFVh/a U00Ijfx0yw== |
| User-Agent | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 |
| In-Reply-To | <3E18C1A0C550C44DA156DA5DA8ECCC6AB622A510@NICS-EXCH2.sbg.nic.at> |
| Content-Language | de-CH |
| X-ClientProxiedBy | SWH-S06-EXC4.swd.switch.ch (172.16.60.18) To SWH-S04-EXC2.swd.switch.ch (172.16.60.12) |
| X-Spam-Status | No, score=-0.2 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=disabled version=3.4.2 |
| X-Spam-Checker-Version | SpamAssassin 3.4.2 (2018-09-13) on mx.pao1.isc.org |
| X-BeenThere | bind-users@lists.isc.org |
| X-Mailman-Version | 2.1.29 |
| Precedence | list |
| List-Id | BIND Users Mailing List <bind-users.lists.isc.org> |
| List-Unsubscribe | <https://lists.isc.org/mailman/options/bind-users>, <mailto:bind-users-request@lists.isc.org?subject=unsubscribe> |
| List-Archive | <https://lists.isc.org/pipermail/bind-users/> |
| List-Post | <mailto:bind-users@lists.isc.org> |
| List-Help | <mailto:bind-users-request@lists.isc.org?subject=help> |
| List-Subscribe | <https://lists.isc.org/mailman/listinfo/bind-users>, <mailto:bind-users-request@lists.isc.org?subject=subscribe> |
| X-Mailman-Original-Message-ID | <8bfafdd3-edb6-8e2a-e20b-d4d094cb7c32@switch.ch> |
| X-Mailman-Original-References | <3E18C1A0C550C44DA156DA5DA8ECCC6AB622808F@NICS-EXCH2.sbg.nic.at> <alpine.DEB.2.20.2007081628490.9145@grey.csi.cam.ac.uk> <3E18C1A0C550C44DA156DA5DA8ECCC6AB622A510@NICS-EXCH2.sbg.nic.at> |
| Xref | csiph.com comp.protocols.dns.bind:15941 |
Show key headers only | View raw
On 09.07.20 11:51, Klaus Darilion wrote: >>> So, how is the correct process to add an additional DNSKEY (only the public >> key is known). >> >> I think you are looking for `dnssec-importkey`. > > Indeed. I imported the key and got a .key and .private file. I put those files in the same directory as the other keys, gave read permissions to bind and executed: > rndc loadkeys myzone > rndc sign myzone > > But the additional key is not added to the reponse of DNSKEY queries. Does the key have correct timing metadata in the key file? Have a look at "dnssec-settime". Daniel
Back to comp.protocols.dns.bind | Previous | Next | Find similar
Re: AW: How to prepublish additional DNSKEY Daniel Stirnimann <daniel.stirnimann@switch.ch> - 2020-07-09 12:43 +0200
csiph-web