Your message dated Fri, 25 Nov 2022 23:47:19 +0100
with message-id <Y4FF9/n3exb7b...@fliwatuet.svr02.mucip.net>
and subject line Re: Bug#932613: bind9: Missing words from dnssec-signzone man
page
has caused the Debian Bug report #932613,
regarding bind9: Missing words from dnssec-signzone man page
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
932613: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932613
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: bind9
Version: 1:9.11.5.P4+dfsg-5.1
Severity: minor
In the text of "man dnssec-signzone":
-R
Remove signatures from keys that are no longer published.
This option is similar to -Q, except it forces dnssec-signzone to
signatures from
keys that are no longer published. This enables ZSK rollover using
the procedure
described in RFC 4641, section 4.2.1.2 ("Double Signature Zone
Signing Key
There are clearly some words missing from "forces dnssec-signzone to
signatures from".
-- System Information:
Debian Release: 10.0
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.19.0-5-amd64 (SMP w/12 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE,
TAINT_UNSIGNED_MODULE
Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8),
LANGUAGE=en_IE:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages bind9 depends on:
ii adduser 3.118
ii bind9utils 1:9.11.5.P4+dfsg-5.1
ii debconf [debconf-2.0] 1.5.71
ii dns-root-data 2019031302
ii libbind9-161 1:9.11.5.P4+dfsg-5.1
ii libc6 2.28-10
ii libcap2 1:2.25-2
ii libcom-err2 1.44.5-1
ii libdns1104 1:9.11.5.P4+dfsg-5.1
ii libfstrm0 0.4.0-1
ii libgeoip1 1.6.12-1
ii libgssapi-krb5-2 1.17-3
ii libisc1100 1:9.11.5.P4+dfsg-5.1
ii libisccc161 1:9.11.5.P4+dfsg-5.1
ii libisccfg163 1:9.11.5.P4+dfsg-5.1
ii libjson-c3 0.12.1+ds-2
ii libk5crypto3 1.17-3
ii libkrb5-3 1.17-3
ii liblmdb0 0.9.22-1
ii liblwres161 1:9.11.5.P4+dfsg-5.1
ii libprotobuf-c1 1.3.1-1+b1
ii libssl1.1 1.1.1c-1
ii libxml2 2.9.4+dfsg1-7+b3
ii lsb-base 10.2019051400
ii net-tools 1.60+git20180626.aebd88e-1
ii netbase 5.6
bind9 recommends no packages.
Versions of packages bind9 suggests:
pn bind9-doc <none>
ii dnsutils 1:9.11.5.P4+dfsg-5.1
pn resolvconf <none>
pn ufw <none>
-- Configuration Files:
/etc/bind/named.conf changed [not included]
/etc/bind/named.conf.local changed [not included]
/etc/bind/named.conf.options changed [not included]
-- debconf information:
bind9/different-configuration-file:
bind9/run-resolvconf: false
bind9/start-as-user: bind
--- End Message ---
--- Begin Message ---
On 21/07/19 09:39 AM, James Youngman wrote:
> In the text of "man dnssec-signzone":
>
> -R
> Remove signatures from keys that are no longer published.
>
> This option is similar to -Q, except it forces dnssec-signzone to
> signatures from
> keys that are no longer published. This enables ZSK rollover using
> the procedure
> described in RFC 4641, section 4.2.1.2 ("Double Signature Zone
> Signing Key
>
> There are clearly some words missing from "forces dnssec-signzone to
> signatures from".
This has been fixed ... at some time. 9.16 shows
-R This option removes signatures from keys that are no longer
published.
This option is similar to -Q, except it forces dnssec-signzone to
remove sig‐
natures from keys that are no longer published. This enables ZSK
rollover us‐
ing the procedure described in RFC 4641#4.2.1.2 ("Double
Signature Zone Sign‐
ing Key Rollover").
Bernhard
--- End Message ---
