Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Are certifications worth it?
The Lounge What is on Your Mind? Are certifications worth it? Post 303004331 by bakunin on Friday 29th of September 2017 11:53:07 AM
Old 09-29-2017
i work with AIX, therefore my clients are always big companies (mostly banks) with big datacentres. I have none of these fancy certifications*) but i have a project record going back more than 30 years.

Would i (or, rather my business) profit from having all these certifications? I don't think so, but i have provable experience compensating for this. I suspect that for younger colleagues the situation is different.

Personally i think this certification industry is helping nobody except themselves. Instead of finding out if (and further certifying that) a person is capable of doing certain tasks the tests simply question factual knowlege. Now, suppose you are ill and need a doctor: would you want one who can name every bone in your body correctly, but has no idea about "therapy" or one who knows how to cure patients but has to look up the name of some bones in case they are involved? A person who can name all binaries in /usr/bin without error does not necessarily have the knowledge about how to use these to achieve a certain goal - and even if he does he might not have the wisdom (read: experience) to distinguish between a good solution and a bad one. **)

Certification testing, if it should really mean something, should be done in the same way academic testing is done: you get a problem description, create a solution for it and an expert or team of experts judge what you have done. They do not give you some multiple choice tests and after testing positive on 30 of these you are a physician. Of course, this would mean that the certification business would be a lot less profitable than it is now, because it would involve actual work on the part of the certifiers. But as their intent (like any capitalistic business) is not to deliver the best possible work but to make as much money as possible this has no realistic chance of becoming reality.

bakunin

________
*) actually this is not entirely true: i once was a certified MCSE ("Minesweeper Consultant & Solitaire Expert") because of a bet between me and a colleague from the Windows team. I was decertified 2002 because of prolongued disinterest in getting re-certified on my part. And i am still in business despite Microsoft writing me a letter which pictured my professional future without the certification in very dark colours.

**) the distinction is not good solutions work, bad ones don't because things that don't work are not solutions at all. A good solutions works AND is easy to maintain, well structured, uses the least possible resources, etc., etc. - a bad solution is a working kludge.
These 4 Users Gave Thanks to bakunin For This Post:
Don Cragun drysdalk hergp rbatte1
 

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

UNIX certifications

Are there any nationally recognized UNIX certifications, similar to A+., for basic unix and system admin skills? thanks (1 Reply)
Discussion started by: pacsman
1 Replies

2. What is on Your Mind?

Unix certifications

Hi all, I'm new to this forum also to unix, but eager to learn unix. Can any one gimme the certifications/exams available to validate our unix strengths. (7 Replies)
Discussion started by: sarang
7 Replies

3. UNIX for Dummies Questions & Answers

What Certifications to be done in UNIX

Hello I am a newbie i learnt Shell programming and Unix Internals.Well plz advice me what certifications i shud do as i have free time and want to utilize my time :) (1 Reply)
Discussion started by: strawberry
1 Replies

4. Shell Programming and Scripting

Certifications in Unix?

Guys, I just want information abt certifications available for unix. If they exist can anyone give some info them. Making clear I am pointing to developer level exams, not admin side. Thanks, Sharif.S (0 Replies)
Discussion started by: sharifhere
0 Replies

5. AIX

Aix Certifications

Hi , I want to know aix certifications,How to perepare for that ?How many number of papers are there? (12 Replies)
Discussion started by: manoj.solaris
12 Replies

6. Shell Programming and Scripting

UNIX Certifications

Hi All, Can anybody let me know if there is any Unix certification course which will provide basically programming in Unix. (4 Replies)
Discussion started by: darshakraut
4 Replies

7. What is on Your Mind?

Certifications on Unix and Linux

hi there :) I will study the Linux LPI certification in a few months What do u think about it? Is this certification good enough to work with solaris too actually? I´m not sure because i think is more oriented to linux, and solaris as far as i know, is based on UNix. What else can i... (3 Replies)
Discussion started by: andriusman
3 Replies

8. HP-UX

HP-UX Certifications

Hi, I am planning to get certified on HP-UX. I googled about HPUX Certifications. I understand that I need to pass on exam HP0-A01 but I find many references to HP0-095. I bought this book: HP-UX: HP Certification Systems Administrator, Exam HP0-A01 - Training Guide and Administrator's... (16 Replies)
Discussion started by: psicopunk
16 Replies

9. What is on Your Mind?

Certifications in Linux

Hi , I am working in Perl/Shell Script for past 3 years.I am planning to learn and switch my Career as Linux Admin.So Please suggest some certifications to learn about it.Do we have separate sub categories/area of specifications in Linux Admin ? Like Virtualization ,Vmware,storage. ... (0 Replies)
Discussion started by: Ajaytts123
0 Replies

LEARN ABOUT MOJAVE

dnssec-trust-anchors.d

DNSSEC-TRUST-ANCHORS.D(5)				      dnssec-trust-anchors.d					 DNSSEC-TRUST-ANCHORS.D(5)

NAME

       dnssec-trust-anchors.d, systemd.positive, systemd.negative - DNSSEC trust anchor configuration files

SYNOPSIS

       /etc/dnssec-trust-anchors.d/*.positive

       /run/dnssec-trust-anchors.d/*.positive

       /usr/lib/dnssec-trust-anchors.d/*.positive

       /etc/dnssec-trust-anchors.d/*.negative

       /run/dnssec-trust-anchors.d/*.negative

       /usr/lib/dnssec-trust-anchors.d/*.negative

DESCRIPTION

       The DNSSEC trust anchor configuration files define positive and negative trust anchors systemd-resolved.service(8) bases DNSSEC integrity
       proofs on.

POSITIVE TRUST ANCHORS

       Positive trust anchor configuration files contain DNSKEY and DS resource record definitions to use as base for DNSSEC integrity proofs. See
       RFC 4035, Section 4.4[1] for more information about DNSSEC trust anchors.

       Positive trust anchors are read from files with the suffix .positive located in /etc/dnssec-trust-anchors.d/, /run/dnssec-trust-anchors.d/
       and /usr/lib/dnssec-trust-anchors.d/. These directories are searched in the specified order, and a trust anchor file of the same name in an
       earlier path overrides a trust anchor files in a later path. To disable a trust anchor file shipped in /usr/lib/dnssec-trust-anchors.d/ it
       is sufficient to provide an identically-named file in /etc/dnssec-trust-anchors.d/ or /run/dnssec-trust-anchors.d/ that is either empty or
       a symlink to /dev/null ("masked").

       Positive trust anchor files are simple text files resembling DNS zone files, as documented in RFC 1035, Section 5[2]. One DS or DNSKEY
       resource record may be listed per line. Empty lines and lines starting with a semicolon (";") are ignored and considered comments. A DS
       resource record is specified like in the following example:

	   . IN DS 19036 8 2 49aac11d7b6f6446702e54a1607371607a1a41855200fd2ce1cdde32f24e8fb5

       The first word specifies the domain, use "."  for the root domain. The domain may be specified with or without trailing dot, which is
       considered equivalent. The second word must be "IN" the third word "DS". The following words specify the key tag, signature algorithm,
       digest algorithm, followed by the hex-encoded key fingerprint. See RFC 4034, Section 5[3] for details about the precise syntax and meaning
       of these fields.

       Alternatively, DNSKEY resource records may be used to define trust anchors, like in the following example:

	   . IN DNSKEY 257 3 8 AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjFFVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoXbfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaDX6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpzW5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relSQageu+ipAdTTJ25AsRTAoub8ONGcLmqrAmRLKBP1dfwhYB4N7knNnulqQxA+Uk1ihz0=

       The first word specifies the domain again, the second word must be "IN", followed by "DNSKEY". The subsequent words encode the DNSKEY
       flags, protocol and algorithm fields, followed by the key data encoded in Base64. See RFC 4034, Section 2[4] for details about the precise
       syntax and meaning of these fields.

       If multiple DS or DNSKEY records are defined for the same domain (possibly even in different trust anchor files), all keys are used and are
       considered equivalent as base for DNSSEC proofs.

       Note that systemd-resolved will automatically use a built-in trust anchor key for the Internet root domain if no positive trust anchors are
       defined for the root domain. In most cases it is hence unnecessary to define an explicit key with trust anchor files. The built-in key is
       disabled as soon as at least one trust anchor key for the root domain is defined in trust anchor files.

       It is generally recommended to encode trust anchors in DS resource records, rather than DNSKEY resource records.

       If a trust anchor specified via a DS record is found revoked it is automatically removed from the trust anchor database for the runtime.
       See RFC 5011[5] for details about revoked trust anchors. Note that systemd-resolved will not update its trust anchor database from DNS
       servers automatically. Instead, it is recommended to update the resolver software or update the new trust anchor via adding in new trust
       anchor files.

       The current DNSSEC trust anchor for the Internet's root domain is available at the IANA Trust Anchor and Keys[6] page.

NEGATIVE TRUST ANCHORS

       Negative trust anchors define domains where DNSSEC validation shall be turned off. Negative trust anchor files are found at the same
       location as positive trust anchor files, and follow the same overriding rules. They are text files with the .negative suffix. Empty lines
       and lines whose first character is ";" are ignored. Each line specifies one domain name which is the root of a DNS subtree where validation
       shall be disabled.

       Negative trust anchors are useful to support private DNS subtrees that are not referenced from the Internet DNS hierarchy, and not signed.

       RFC 7646[7] for details on negative trust anchors.

       If no negative trust anchor files are configured a built-in set of well-known private DNS zone domains is used as negative trust anchors.

       It is also possibly to define per-interface negative trust anchors using the DNSSECNegativeTrustAnchors= setting in systemd.network(5)
       files.

SEE ALSO

       systemd(1), systemd-resolved.service(8), resolved.conf(5), systemd.network(5)

NOTES

	1. RFC 4035, Section 4.4
	   https://tools.ietf.org/html/rfc4035#section-4.4

	2. RFC 1035, Section 5
	   https://tools.ietf.org/html/rfc1035#section-5

	3. RFC 4034, Section 5
	   https://tools.ietf.org/html/rfc4034#section-5

	4. RFC 4034, Section 2
	   https://tools.ietf.org/html/rfc4034#section-2

	5. RFC 5011
	   https://tools.ietf.org/html/rfc5011

	6. IANA Trust Anchor and Keys
	   https://data.iana.org/root-anchors/root-anchors.xml

	7. RFC 7646
	   https://tools.ietf.org/html/rfc7646

systemd 237														 DNSSEC-TRUST-ANCHORS.D(5)
All times are GMT -4. The time now is 01:08 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy