]> git.ipfire.org Git - thirdparty/knot-resolver.git/commit
projects / thirdparty / knot-resolver.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: eadde42) | patch
etc/: add the fresh DNSSEC root key "KSK-2024" already docs-develop-ksk-qmeiye/deployments/4323
authorVladimír Čunát <vladimir.cunat@nic.cz>
Mon, 10 Jun 2024 14:05:41 +0000 (16:05 +0200)
committerVladimír Čunát <vladimir.cunat@nic.cz>
Mon, 10 Jun 2024 14:21:22 +0000 (16:21 +0200)
commit62b3b1e931ac7a7e8c521f2b7a7e90ac5d85d52d
treee8125756e8afb64d58cfdad3d72828073f8556cetree
parenteadde4230f2fafbe8e8c0254b2d9a1a66ea7723dcommit | diff
etc/: add the fresh DNSSEC root key "KSK-2024" already

The key still won't be used for some time, two years maybe,
but I think it's better to preemptively trust it already.
(outdated machines, etc.)

Some evidence that it's not just a hash of *my* private key:
https://www.iana.org/dnssec/ceremonies/53-2
https://data.iana.org/ksk-ceremony/53-2/kskm-keymaster-20240426-173035-995.log
https://www.youtube.com/live/gw4PFhtnVpk?si=C8zevM3nG9O0XAJr&t=12726
NEWS diff | blob | blame | history
etc/root.keys diff | blob | blame | history
Mirror of https://gitlab.nic.cz/knot/knot-resolver.git