https://dotat.at/@/2024-05-08-dnssec-policy.html
Here are some notes about using BIND's new-ish dnssec-policy feature
to sign a DNS zone that is currently unsigned.
I am in the process of migrating my DNS zones from BIND's old
auto-dnssec to its new dnssec-policy, and writing a blog post
about it. These introductory sections grew big enough to be worth
pulling out into a separate article.
( Read more... )
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}