Re: Different deployment stages of DNS
For that specific reason that is mention above the following is recommended. Make sure that the generation of keys, the storing of the private key, and the signing of zones is performed on a DNS server that physically secure and whose access is restricted to essential personnel only. Store at least one backup copy of the private key on a different computer. For more information about how to perform this backup, see section 6.5. The DNS service must be installed on that computer so that you can access the signing tool using Dnscmd.exe.
I'm the Proud Owner of the most dangerous weapon
known to man kind: Human Brain
Bookmarks