nanog mailing list archives
Re: DANE of SMTP Survey
From: Mark Tinka <mark@tinka.africa>
Date: Tue, 8 Jun 2021 12:39:23 +0200
On 6/3/21 23:41, babydr DBA James W. Laferriere wrote:
The Signing of the 'Zone' , Can the 'Zone' be signed by a self-signed key ? Or MUST I (and others) rely on a external certificate authority ?Mind you I notice in rfc6487 (note(s)) about self-signed certificates . So Maybe I am being a bit over worried about having to spend more money just to keep my 2 ip-ranges routing in light of the RPKI initative(s) .Which Mr. Andrews response below answers quite succinctly ,
Indeed! Thanks, Mark.Yeah, it's never been obvious or apparent to me that self-signed keys for DNSSEC would not be honoured.
My personal zone, as well as my company's one, are both self-signed. They've both been working reasonably well, so far.
Mark.
Current thread:
- DANE of SMTP Survey Moritz Müller via NANOG (Jun 01)
- Re: DANE of SMTP Survey Jeroen Massar via NANOG (Jun 02)
- Re: DANE of SMTP Survey Mark Tinka (Jun 02)
- Re: DANE of SMTP Survey babydr DBA James W. Laferriere (Jun 03)
- Re: DANE of SMTP Survey Mark Tinka (Jun 02)
- Re: DANE of SMTP Survey babydr DBA James W. Laferriere (Jun 04)
- Re: DANE of SMTP Survey Mark Tinka (Jun 08)
- Re: DANE of SMTP Survey Mark Tinka (Jun 02)
- Re: DANE of SMTP Survey Mark Andrews (Jun 03)
- Re: DANE of SMTP Survey Jeroen Massar via NANOG (Jun 02)
- Re: DANE of SMTP Survey Jeroen Massar via NANOG (Jun 02)
- Re: DANE of SMTP Survey Scott Morizot (Jun 02)
- Re: DANE of SMTP Survey Jeroen Massar via NANOG (Jun 02)
- Re: DANE of SMTP Survey Mark Tinka (Jun 02)
- Re: DANE of SMTP Survey John Levine (Jun 11)
- Re: DANE of SMTP Survey Tom Ivar Helbekkmo via NANOG (Jun 11)
- Re: DANE of SMTP Survey John Levine (Jun 11)