What does the administration of a signed zone entail?
Administration of a DNSSEC signed zone is more involved than that of an unsigned zone. Zone maintenance in the non-DNSSEC environment simply involves changing records as required and updating the serial number with each change. In many networks this is an automated process. In the DNSSEC environment, however, this action alone would result in the invalidation of the zone data, because the existing signatures would no longer match the changed records. Therefore, in addition to updating records and serial numbers, the zone itself must be re-signed. Care must be taken to keep keys and signatures current and not to let signatures expire. If the zone is compromised, either by malicious intent or by neglect, the Zone Data Administrator must take action to restore the zone's place in the DNSSEC authentication chain.
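One way to keep watch on signature lifetimes is to audit the RRSIG records of the signed zone file before they lapse. The following is an added example, not part of the original text or of any DNS server's tooling; it assumes one record per line with the owner name present, and the zone data, function names and 7-day warning window are constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample of a signed zone in RFC 4034 presentation format.
# Names, key tag and signature data are made up for this example.
SAMPLE_ZONE = """\
example.test. 3600 IN SOA ns1.example.test. admin.example.test. 2024010101 7200 3600 1209600 3600
example.test. 3600 IN RRSIG SOA 13 2 3600 20240215000000 20240116000000 12345 example.test. c2FtcGxl
example.test. 3600 IN NSEC mail.example.test. A NS SOA RRSIG NSEC DNSKEY
www.example.test. 300 IN A 192.0.2.10
www.example.test. 300 IN RRSIG A 13 3 300 20240120000000 20231221000000 12345 example.test. c2FtcGxl
mail.example.test. 300 IN RRSIG A 13 3 300 20240110000000 20231211000000 12345 example.test. c2FtcGxl
"""

def parse_sig_time(field):
    """RFC 4034 allows YYYYMMDDHHmmSS (UTC) or seconds since the epoch."""
    if len(field) == 14:
        return datetime.strptime(field, "%Y%m%d%H%M%S").replace(tzinfo=timezone.utc)
    return datetime.fromtimestamp(int(field), tz=timezone.utc)

def audit_rrsigs(zone_text, now, warn_within=timedelta(days=7)):
    """Return (owner, covered_type, status, expiration) for every RRSIG line."""
    findings = []
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop trailing comments
        if len(fields) < 2:
            continue
        owner, rdata = fields[0], fields[1:]
        # Skip the optional TTL and class so the record type comes first.
        while rdata and (rdata[0].isdigit() or rdata[0].upper() in ("IN", "CH", "HS")):
            rdata = rdata[1:]
        # Match the record type only: NSEC type lists also contain "RRSIG".
        if len(rdata) < 10 or rdata[0].upper() != "RRSIG":
            continue
        expiration, inception = parse_sig_time(rdata[5]), parse_sig_time(rdata[6])
        if now >= expiration:
            status = "EXPIRED"        # validators now reject this RRset
        elif now < inception:
            status = "NOT_YET_VALID"  # signer clock ahead of real time
        elif expiration - now <= warn_within:
            status = "EXPIRING"       # re-sign before this lapses
        else:
            status = "OK"
        findings.append((owner, rdata[1], status, expiration))
    return findings

if __name__ == "__main__":
    now = datetime(2024, 1, 16, 12, 0, tzinfo=timezone.utc)  # fixed clock for the sample
    for owner, covered, status, exp in audit_rrsigs(SAMPLE_ZONE, now):
        print(f"{status:14} {owner:20} {covered:5} expires {exp:%Y-%m-%d %H:%M}Z")
```

In production use, `now` would be the current UTC time and the input would be the zone as actually published, so that the audit sees the same signatures a validating resolver does.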