Service/Nameservers: Difference between revisions
No edit summary |
|||
| Line 128: | Line 128: | ||
dnssec-signzone -o codewiz.org -K keys masters/codewiz.org.zone | dnssec-signzone -o codewiz.org -K keys masters/codewiz.org.zone | ||
/etc/init.d/bind9 restart | /etc/init.d/bind9 restart | ||
=== How to publish DLV records === | |||
Go to dlv.isc.org and upload the two DNSKEY records for each zone, then follow the instructions to validate them. | |||
This is the end result: | |||
* sugarlabs.org: https://dlv.isc.org/zones/3609 | |||
* sugarlabs.net: https://dlv.isc.org/zones/3612 | |||
* codewiz.org: https://dlv.isc.org/zones/3607 | |||
=== Add DS records to TLD === | |||
This step must be done by the registrar. | |||
I've opened a support ticket on [http://joker.com/ Joker] asking to add | |||
support for DS records. If they can't do it, we need to transfer | |||
sugarlabs.org to another registrar. At this time, the only decent choice | |||
for a DNSSEC enabled registrar is [http://name.com/ name.com]. | |||
=== How to validate zone data === | === How to validate zone data === | ||