(Presuming, of course, that you've got an ARIN assignment or allocation. If you're in a provider-assigned block, you'll need to chat with your ISP about the DS linkage for your PTR zones... /John ) On Oct 18, 2011, at 12:31 PM, John Curran wrote:
On Oct 18, 2011, at 10:21 AM, Eric J Esslinger wrote:
Well it makes sense we should, just that all the examples, discussion, and such I've read dealt with forward records.
I guess I get to dig some more. Thanks.
Eric -
Your in-addr zone first needs to be signed and then the DS records are put in the parent in-addr zone to link into the signed IN-ADDR.ARPA hierarchy. In the ARIN region, this can be done via the DNSSEC DS record management in ARIN Online or via the RESTful provisioning interface.
ARIN DNSSEC Project overview: https://www.arin.net/resources/dnssec/ ARIN Online/DNSEC Tutorials: https://www.arin.net/knowledge/dnssec/index.html
FYI, /John
John Curran President and CEO ARIN