From 006ae7c43f5cb551570d5c81ff0c40df7c5736ad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20=C5=A0pa=C4=8Dek?= Date: Mon, 18 Jul 2022 13:23:47 +0200 Subject: [PATCH] Avoid opt-out flag in dnssec-signzone examples Since !6413 we discourage opt-out, so we should not be advertising it in the examples. Even worse, it was just thrown into the command line without even mentioning its meaning in the surrounding text. Related: !6413 --- doc/dnssec-guide/signing.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/dnssec-guide/signing.rst b/doc/dnssec-guide/signing.rst index 6adb9f0174..7fb8e147de 100644 --- a/doc/dnssec-guide/signing.rst +++ b/doc/dnssec-guide/signing.rst @@ -1402,7 +1402,7 @@ it is in a file called ``zone.child.example``, using manually specified keys: .. code-block:: console # cd /etc/bind/keys/example.com/ - # dnssec-signzone -A -t -N INCREMENT -o example.com -f /etc/bind/db/example.com.signed.db \ + # dnssec-signzone -t -N INCREMENT -o example.com -f /etc/bind/db/example.com.signed.db \ /etc/bind/db/example.com.db Kexample.com.+013+17694.key Kexample.com.+013+06817.key Verifying the zone using the following algorithms: ECDSAP256SHA256. Zone fully signed: