Can you coordinate with other dns server packages in fedora to support this if they support dnssec? In particular: pdns and maradns are both packaged.
How does this affect dnsmasq? Does it handle dnssec ok? libvirt makes heavy use of it.
- dnsmasq forwards all the dnssec data, but it does not support to verify it. Afaik it is also not possible to enable dnssec for hostnames that are configured in /etc/hosts or in the dnsmasq config file. --Till 10:33, 11 December 2008 (UTC)
I think that "invulnerable" is a little too strong and that it should say something like "greatly hardened"
Is it already planned to get (part of) Fedora Infrastructure to use DNSSEC? This would be a nice thing to do. :-) --Till 00:24, 17 December 2008 (UTC)
It would certainly be nice to have the Fedora domains DNSSEC signed. There's a tool called zkt http://www.hznet.de/dns/zkt/ that's useful for maintaining DNSSEC signed domains. JeffOllie
Fedora 9 and Fedora 10
I have a Fedora 9 server running named with DNSSEC enabled for both Internet and my local DNS names. I've been running this way for a month now with no ill side effects. Is there anything I can do for this feature, or must I be running rawhide? :( --Mooninite 04:57, 26 February 2009 (UTC)