[Bug 782614] Re: make configuring DNSSEC validation easier
Anand Kumria
wildfire at progsoc.org
Sat Aug 6 10:07:56 UTC 2011
DNSSEC will place an additional burden on the network and, in particular, the infrastructure based DNS servers.
The rationale to have the root key defined here but not used is that
will use some of the existing DNS infrastructure (via use of RFC5011)
and allow server operators to gauge load.
I would recommend that Ubuntu 11.10 ships with DNSSEC available (i.e.
root key but disabled) and Ubuntu 12.04 ships with DNSSEC enabled (i.e.
root key and enabled by default), so that server operators are not
overwhelmed.
** Patch added: "0005-Add-in-the-current-root-.-DNSSEC-key.patch"
https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/782614/+attachment/2257836/+files/0005-Add-in-the-current-root-.-DNSSEC-key.patch
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to bind9 in Ubuntu.
https://bugs.launchpad.net/bugs/782614
Title:
make configuring DNSSEC validation easier
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/782614/+subscriptions
More information about the Ubuntu-server-bugs
mailing list