Comments on Root Key Rollover impact on BIND users
Thomas Schulz
schulz at adi.com
Mon Dec 12 16:38:38 UTC 2016
In the following I ment to say 'dnssec-validation' instead of 'dnssec-enable'.
> > https://www.isc.org/blogs/2017-root-key-rollover-what-does-it-mean-for-bin
> > d-users/
> >
> > Towards the end of the blog, there is a short list of possible corner
> > cases that could trip people up during the rollover. If
> > you folks can think of others, please do share them.
>
> I found a case where the documentation is not clear (at least to me).
>
> I found that I had 'dnssec-enable yes' along with a managed-keys
> statement with an initial-key. If I change to 'dnssec-enable auto'
> do I still need a managed-keys statement? If not will it hurt to have
> one? Can I have a managed-keys statement without an initial-key?
Tom Schulz
Applied Dynamics Intl.
schulz at adi.com
More information about the bind-users
mailing list