31 Dec 2014 » DNSSEC statistics There is an interesting DNSSEC deployment statistic from ISC: Deploy 360. If you want to know how many domains are signed under new gTLDs, you can consult nTLDStats.
17 Dec 2013 » OpenDNSSEC: migrate from SQLlite to MySQL It’s recommented to use the MySQL backend for production use. I used SQLlite for my tests, because it was easier. When I wanted to go productive, I used the migration guide but found that the MySQL user / password could not be read from command line. I had to enter the MySQL root password in order to complete the migration.
14 Dec 2013 » OpenDNSSEC Basics: update kasp.xml When you update the policy in the kasp.xml file, you want to issue the following command to update the changes in the OpenDNSSEC database:
08 Dec 2013 » OpenDNSSEC Basics: updating a signed zone According to the OpenDNSSEC Zone Management wiki page you’ve to perform ods-signer sign example.com to get the zone resigned after changes. It’s vital, that you increase the SOA serial in the unsigned zone file. Otherwhise your nameserver might not be notified about the changed zone.
14 Nov 2013 » Welcome to my DNSSEC Blog In this blog I’m going to write about DNSSEC and my work with it. It will cover at least Bind and OpenDNSSEC, but might be extended to other software or services around DNSSEC I find useful.