upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-06-10 20:10:04 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Update KSK root sentinel references

Browse source 
The mechanism was published as RFC 8509. I've briefly looked at diff
between versions -08 and the RFC and did not find significant protocol
change. Quick manual check confirms what we seem to comply with the
published protocol.

(cherry picked from commit 153311da2d)
This commit is contained in:
Petr Špaček 2024-05-07 13:24:43 +02:00
parent f148d39a9b
commit 9291689720
2 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
doc/arm/general.rst
View file

@ -285,6 +285,9 @@ Parent via CDS/CDNSKEY.* March 2017. [#rfc8078]_
:rfc:`8484` - P. Hoffman and P. McManus. *DNS Queries over HTTPS (DoH).*
October 2018. [#noencryptedfwd]_
:rfc:`8509` - G. Huston, J. Damas, W. Kumari. *A Root Key Trust Anchor Sentinel
for DNSSEC.* December 2018.
:rfc:`8624` - P. Wouters and O. Sury. *Algorithm Implementation Requirements
and Usage Guidance for DNSSEC.* June 2019.

2
doc/arm/reference.rst
View file

@ -2147,7 +2147,7 @@ Boolean Options
:short: Controls whether BIND 9 responds to root key sentinel probes.
If ``yes``, respond to root key sentinel probes as described in
`draft-ietf-dnsop-kskroll-sentinel-08 <https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-kskroll-sentinel-08>`_. The default is ``yes``.
:rfc:`8509`:. The default is ``yes``.
.. namedconf:statement:: reuseport
:tags: server