[BlueOnyx:08728] Re: DNSSEC Feature in BX
Chris Gebhardt - VIRTBIZ Internet
cobaltfacts at virtbiz.com
Tue Oct 4 15:41:07 -05 2011
Lew Berry wrote:
>> Hi Group,
>>
>> Is there a plan to include DNSSEC in future release of BX? GoDaddy
> offers
>> this feature and I'm thinking many top registrars are doing the same
> in the
>> near future. (Michael?)
This isn't so much a BX issue as it is an upstream issue with regard to
which version of BIND is packaged.
As of now, 5106R (on CentOS 5) is packaged with Bind 9.3.6-16.P1.el5.
BIND 9.3 does not support NSEC3 records so it's implementation would
never be complete. It is unlikely that Red Hat will package the
requisite BIND 9.6 in RHEL5 (upstream for CentOS 5). So don't go
looking for DNSSEC to be implemented into 5106R anytime soon, if at all.
5107R is running 9.7.3-2.el6_1.P3.2.i686, and I would imagine that 5108R
is running the 64-bit equivalent, although I don't have a box handy at
the moment to verify. Therefore, it would be technically feasible to
add DNSSEC capability going forward. As for the "near future" aspect,
I'm not sure that needs to be our focus, unless somebody (Hi Mike!)
wants to contribute. There is plenty of other low-hanging fruit, and
DNSSEC is hardly setting the world on fire in terms of adoption rate.
> While we're doing DNS feature requests, SRV and SPF records from the web
> management would be much appreciated too.
SRV records could be implemented but for me this falls into the same
category as DNSSEC above.
SPF is already supported... it's just a TXT record. So compose your
SPF and then enter it as a TXT and you're all set.
--
Chris Gebhardt
VIRTBIZ Internet Services
Access, Web Hosting, Colocation, Dedicated
www.virtbiz.com | toll-free (866) 4 VIRTBIZ
More information about the Blueonyx
mailing list