DANE of SMTP Survey

• Previous message (by thread): DANE of SMTP Survey
• Next message (by thread): DANE of SMTP Survey
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 6/3/21 23:41, babydr DBA James W. Laferriere wrote:

>
>     The Signing of the 'Zone' ,  Can the 'Zone' be signed by a 
> self-signed key ?  Or MUST I (and others) rely on a external 
> certificate authority ?
>
>     Mind you I notice in rfc6487 (note(s)) about self-signed 
> certificates .
>     So Maybe I am being a bit over worried about having to spend more 
> money just to keep my 2 ip-ranges routing in light of the RPKI 
> initative(s) .
>
>     Which Mr. Andrews response below answers quite succinctly ,

Indeed! Thanks, Mark.

Yeah, it's never been obvious or apparent to me that self-signed keys 
for DNSSEC would not be honoured.

My personal zone, as well as my company's one, are both self-signed. 
They've both been working reasonably well, so far.

Mark.

• Previous message (by thread): DANE of SMTP Survey
• Next message (by thread): DANE of SMTP Survey
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]