Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RFC 5011 support #7

Closed
miekg opened this issue Oct 20, 2018 · 2 comments · Fixed by #195
Closed

RFC 5011 support #7

miekg opened this issue Oct 20, 2018 · 2 comments · Fixed by #195
Labels
enhancement New feature or request help wanted Extra attention is needed

Comments

@miekg
Copy link

miekg commented Oct 20, 2018

RFC 5011: Automated Updates of DNS Security (DNSSEC) Trust Anchors

is an RFC that tells you how to detect a root (KSK) key rollover happens and how to update your currently configured root-anchor.

I haven't implemented this myself, but it would be a nice addition.
@semihalev
Copy link
Owner

I read the RFC before and exactly it's very useful and necessary here. I will check technical details again in RFC about this.

@semihalev semihalev added the enhancement New feature or request label Oct 22, 2018
@semihalev semihalev added the help wanted Extra attention is needed label Nov 1, 2018
@semihalev semihalev linked a pull request Aug 3, 2023 that will close this issue
Auto trust anchors support described at RFC 5011 and related updates #195
Merged
@semihalev
Copy link
Owner

Hey Miek,

I added the auto trust anchors support on last commit. I read on ICANN, new KSK rollover soon. I made test server for root zone for all rollover states. This update successfully update trust anchors as described 5011 on my tests.

Thanks for your support.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Auto trust anchors support described at RFC 5011 and related updates semihalev/sdns
2 participants
@miekg @semihalev