> Then why was anchors2keys written to create only trusted-keys?<GRIN>?
My guess is because managed-keys was only introduced in BIND 9.7, and
they wanted to be able to support 9.6 as well.
> It doesn't look hard to modify the script, but there appears to be
> subtle differences in syntax between the two data types.
The difference is the addition of an extra keyword immediately after the
zone name: "initial-key". So whereas the trusted-keys statement for the
root zone looks like this:
trusted-keys {
. 257 3 8 "[gibberish]";
};
The equivalent managed-keys statement is:
managed-keys {
. initial-key 257 3 8 "[gibberish]";
};
(The extra keyword is there because we were thinking we might want to
extend the syntax someday and add other methods for intiializing trust
anchors.)
--
Evan Hunt -- [email protected]
Internet Systems Consortium, Inc.
_______________________________________________
bind-users mailing list
[email protected]
https://lists.isc.org/mailman/listinfo/bind-users
