Hi, On 6/13/19 2:40 PM, G.W. Haywood via bind-users wrote: > Hi there, > > On Thu, 13 Jun 2019, Matthijs Mekking wrote: > >> We would like to hear your feedback. > > Thank you for the timely heads up. > >> | managed-keys | 9.15/9.16 | replaced with dnssec-keys | > > According to my changelogs for 'named.conf I removed 'managed-keys' and > 'trusted-keys' three years ago, but still use 'managed-keys-directory'.
First of all, it is likely that you are using managed trust anchors that are configured with 'managed-keys' in a bind.keys file. If not, I believe that having `managed-keys-directory` is useless. > Will the option 'managed-keys-directory' also be deprecated? The option `managed-keys-directory` will stay because it will serve as the directory to store the files that track managed DNSSEC keys (i.e., those configured using "initial-key" keyword in the new "dnssec-keys" statement. Best regards, Matthijs
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
