[nsd-users] NSD RFC compliance questions (DNSSEC related)
Matthijs Mekking
matthijs at NLnetLabs.nl
Fri Oct 21 07:47:37 UTC 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Robert,
On 10/21/2011 07:12 AM, Robert Davidson wrote:
>
> Hi all,
>
> I need to know if NSD complies with the following RFCs and if they are
> or are not implemented. If they are not implemented it would be good to
> know why, but not essential. A simple "Yes" or "No" answer to each one
> will suffice.
>
> RFC 4470 Minimally Covering NSEC Records and DNSSEC On-line Signing
No: NSD does not do signing.
> RFC 4509 Use of SHA-256 in DNSSEC Delegation Signer (DS) Resource
> Records (RRs)
Yes.
> RFC 5011 Automated Updates of DNS Security (DNSSEC) Trust Anchors
No: NSD is not a resolver.
> RFC 5702 Use of SHA-2 Algorithms with RSA in DNSKEY and RRSIG Resource
> Records for DNSSEC
Yes.
Best regards,
Matthijs
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcBAEBAgAGBQJOoSOZAAoJEA8yVCPsQCW5OtoIAN7dpAelzxxZ1dMMtw2ZuJpA
K8Ctrm5PLohDcjIsn63KtIghaOpbHT7AoI3nychh9XFxFhzs/OEyjsquN6jzhSEG
0FIcHpXmxoNjfVLEWy8stYPYDy/tpOQ8LwcVqTwz/U99caThnzdzw/7VUzqr5RQ3
+vY7BYFXFiA0gm0hNFoRgdnjkMb7VkdmBpXDcPnWWZV5sfOc0XvpopU4BjU0rtEE
AUMIRuDq5zHQIjz42A2sHm2ew3GbO6TukaSJOKHM0T3bTr1sP7PO2X0ZpIWRrC0O
hpeTNRcPi5Xx7TcZbTMeLYpwVnwR4IJpn0EMT0hDR8rYIV81nyRE3Fcr8TQwX44=
=SZ2B
-----END PGP SIGNATURE-----
More information about the nsd-users
mailing list