Daniel A. Ramaley <[email protected]> wrote: > > From the responses i received, it seems i completely misunderstood how > automatic signing is supposed to work. If i'm now understanding > correctly, there are 2 mutually exclusive ways to do things: > 1) Maintain zone files with a text editor, and sign them manually. > 2) Maintain zones with nsupdate, and let Bind sign them.
Option 2 is best when you have an update-policy clause. There is no need for inline-signing in this case. There is a third option: 3) Maintain zone files with a text editor, and use inline-signing mode to get named to sign them. For option 3 you don't want an update-policy clause. Tony. -- f.anthony.n.finch <[email protected]> http://dotat.at/ - I xn--zr8h punycode Dogger: Northwesterly 4 or 5, occasionally 6 in east. Slight or moderate. Showers. Good. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users
