Hi --
I am interested in making my postfix mailserver secured by DANE, and thus, I am starting to investigate dnssec. After having read some documentation about dnssec, I do have a rudimentary knowledge about it.
But, before installing dns/opendnssec I am left with an unanswered question: How often does one need to renew the trust anchor at the parent zone?
If I do understand the documentation of dns/opendnssec correctly, I will end with an automatic key rollover process, except one manual process: uploading the trust anchor to the parent zone.
Thanks in advance
I am interested in making my postfix mailserver secured by DANE, and thus, I am starting to investigate dnssec. After having read some documentation about dnssec, I do have a rudimentary knowledge about it.
But, before installing dns/opendnssec I am left with an unanswered question: How often does one need to renew the trust anchor at the parent zone?
If I do understand the documentation of dns/opendnssec correctly, I will end with an automatic key rollover process, except one manual process: uploading the trust anchor to the parent zone.
Thanks in advance