--- /dev/null
+@ 86400 IN SOA powerdnssec1.ds9a.nl. ahu.ds9a.nl. 1343746995 10800 3600 604800 10800
+@ 3600 IN NS powerdnssec1.ds9a.nl.
+@ 3600 IN NS powerdnssec2.ds9a.nl.
+auth-3.4.0.security-status 60 IN TXT "1 OK"
+recursor-3.6.0.security-status 60 IN TXT "3 Upgrade now, see http://doc.powerdns.com/html/powerdns-advisory-2014-01.html"
+recursor-3.6.1.security-status 60 IN TXT "1 OK"
+
+
To solve this issue, PowerDNS can be compiled with a distribution setting
which will move the security polls from:
'auth-x.y.z.security-status.secpoll.powerdns.com' to
-'auth-x.y.z-n.security-status.debian.secpoll.powerdns.com
+'auth-x.y.z-n.debian.security-status.secpoll.powerdns.com
Note two things, one, there is a separate namespace for debian, and
secondly, we use the package version of this release. This allows us to know
'secpoll.powerdns.com'. If empty, nothing is polled. This can be moved to
'secpoll.yourorganization.com'.
-If compiled with DISTRIBUTION=dist PACKAGEVERSION=3.1.6-abcde, queries will be sent to
-"auth-3.1.6-abcde.dist.security-poll-suffix".
+If compiled with PACKAGEVERSION=3.1.6-abcde.debian, queries will be sent to
+"auth-3.1.6-abcde.debian.security-status.security-poll-suffix".
## Delegation
If a distribution wants to host its own file with version information, we
-can delegate dist.secpoll.powerdns.com to their nameservers directly.
+can delegate dist.security-status.secpoll.powerdns.com to their nameservers directly.
projects / thirdparty / pdns.git / commitdiff
