I hereby claim:
- I am buffrr on github.
- I am buffrr (https://keybase.io/buffrr) on keybase.
- I have a public key ASD5-DnOfECmyq8VITgfgYxbQNcsqqUG9mgrJCEdkx0YSwo
To claim this, I am signing this object:
I hereby claim:
To claim this, I am signing this object:
This is a proof of concept branch for fixing NSEC proofs in HSD.
Here is some example configurations for running a standalone HSD root server with an external dnssec recursive resolver! You can let bind or external unbound resolver do most of the work for resolving and validating dnssec. HSD will only be responsible for serving the root zone.
Install hsd using the blacklies branch:
git clone https://github.com/buffrr/hsd
cd hsd && git checkout blacklies
Creating a self-signed certificate for example.com
(if you already have a certificate you can skip this step):
openssl req -x509 -newkey rsa:4096 -sha256 -days 365 -nodes \
-keyout cert.key -out cert.crt -extensions ext -config \
<(echo "[req]";
echo distinguished_name=req;
echo "[ext]";
echo "keyUsage=critical,digitalSignature,keyEncipherment";