GitLab now enforces expiry dates on tokens that originally had no set expiration date. Those tokens were given an expiration date of one year later. Please review your personal access tokens, project access tokens, and group access tokens to ensure you are aware of upcoming expirations. Administrators of GitLab can find more information on how to identify and mitigate interruption in our documentation.

Self sign-up has been disabled due to increased spam activity. If you want to get access, please send an email to a project owner (preferred) or at gitlab(at)nic(dot)cz. We apologize for the inconvenience.

TSIG not supported on NOTIFY messages

It looks like there is no actual TSIG support for NOTIFY messages, both in master and in slave mode. Outgoing notify messages does not contain any TSIG RR. Incoming notify messages are accepted without TSIG even if there is a key configured for the master server.

Although there is no real danger in not securing the NOTIFY messages, current behaviour of Knot leads to various interoperability issues with other DNS software like BIND or NSD3.