[Pdns-users] PDNS Inline-Signing with pre-signed zones: defined behavior
klaus.mailinglists at pernau.at
Tue Aug 20 08:43:26 UTC 2013
I wonder how PDNS behaves when it should sign a zone which is already
pre-signed (e.g. my customer sends me a pre-signed zone although it
should send me an unsigned zone).
Of course I could just test the behavior, but I want to know if there is
a strict policy in PDNS for this scenario on which I can rely.
I think having already DNSKEY records in the DB should be fine (there
are uses cases, e.g. for a DNS provider change) - but what about
existing RRSIGs and NSEC3PARAM
More information about the Pdns-users