On Jan 6, 2012, at 9:43 AM, Siôn Lloyd wrote: > On 05/01/12 12:56, Fredrik Pettai wrote: >> Ok, I'm not 100% sure how I should interpret this warning: >> >> # ods-ksmutil key rollover --zone eduid.se --keytype ZSK >> SQLite database set to: /var/opendnssec/kasp.db >> *WARNING* This zone shares keys with others, all instances of the active key >> on this zone will be retired; are you sure? [y/N] N >> Okay, quitting... >> >> Isn't it just one instance of the active (ZSK) key for my zone? Does it mean >> that the other zones using the same key will continue as normal? Maybe this >> warning message could be written in a better way. > > The message is confusing, I'll reword it. > > What it means is that every zone that shares this key will be rolled. (The > fact that the rollover command is being used to force a roll is taken as an > indicator that this key is no longer trusted.)
Ok, thanks for clarifying! /P_______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
