[rbldnsd] Feature request: DNSSEC
Florian Weimer
fw at deneb.enyo.de
Fri Jul 11 22:04:30 MSD 2008
* Victor Duchovni:
> On Fri, Jul 11, 2008 at 09:19:08AM +0200, Florian Weimer wrote:
>
>> * Victor Duchovni:
>>
>> > This number works out to ~2.4 million records. Does signing wildcards
>> > break punching "holes" for exceptions.
>>
>> This is more realistic.
>
> It is not, because while the A record is independent of the CIDR block
> member address, the TXT record is not. So the TXT records need individual
> signatures.
Do you really list 420 million individual IP addresses? Couldn't you
pass the CIDR range you list to the web front end?
More information about the rbldnsd
mailing list