BIND interfaces to support multi-signer operation
The Multi-signer project is a project with the goal of providing tools and guidelines for the implementation, automation, management and monitoring of a multi-signer model.
https://github.com/DNSSEC-Provisioning/Multi-signer
Command line
-
Add DNSKEY records (without access to private key) -
Add CDS/CDNSKEY record for keys not in the DNSKEY set -
Add CSYNC record -
Remove (previously added) DNSKEY record(s) -
Remove CDS/CDNSKEY records -
Remove CSYNC record
Dynamic DNS update
-
Add DNSKEY records (without access to private key) -
Add CDS/CDNSKEY record for keys not in the DNSKEY set -
Add CSYNC record -
Remove (previously added) DNSKEY record(s) -
Remove CDS/CDNSKEY records -
Remove CSYNC record
Rest API
-
Add DNSKEY records (without access to private key) -
Add CDS/CDNSKEY record for keys not in the DNSKEY set -
Add CSYNC record -
Remove (previously added) DNSKEY record(s) -
Remove CDS/CDNSKEY records -
Remove CSYNC record
Won't implement (until we have a proper Rest API implementation).