Re: Historic Moment - Root zone of the Internet was just signed minutes ago!!!

Paul Wouters Sat, 17 Jul 2010 07:45:40 -0700

On Fri, 16 Jul 2010, Tony Finch wrote:

unbound requires trust anchors in DS format which is somewhat more
convenient, though you still have to edit IANA's XML to convert it into
master file format.


You can also use DNSKEY statements in unbound:

~> grep trusted-keys /etc/unbound/unbound.conf
trusted-keys-file: "/etc/pki/dnssec-keys/production/root.conf"
~> cat /etc/pki/dnssec-keys/production/root.conf
trusted-keys {
"." 257 3 8 
"AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjFFVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoXbfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaDX6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpzW5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relSQageu+ipAdTTJ25AsRTAoub8ONGcLmqrAmRLKBP1dfwhYB4N7knNnulqQxA+Uk1ihz0=";
 // key id = 19036

};

Paul

_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Re: Historic Moment - Root zone of the Internet was just signed minutes ago!!!

Reply via email to