[yadifa-users] Integrated DNSSEC key management

Markus Kolb markus.kolb+yadifa at tower-net.de
Tue Sep 22 13:43:31 CEST 2015


I don't find any information about the "integrated DNSSEC key 
feature in YADIFA.

Can you explain what is managed here exactly?

Is it related to the key rollover?

Does it resign my zones with which keys?
Or how does it lookup the keys?
Does it resign also during startup from old out-dated signed zone files?
Do I have to sign my zone files or is it completely handled by YADIFA
and I've only to put the ZSKs and KSK in my zone file?
Does it recognize the publish and activate dates?
You see, questions over questions...


More information about the yadifa-users mailing list