mirror of
https://gitlab.isc.org/isc-projects/bind9
synced 2025-08-28 13:08:06 +00:00
update bind.keys comments
This commit is contained in:
Evan Hunt
parent
ab2d411996
commit
01e7ecfea6
24
bind.keys
24
bind.keys
@ -5,7 +5,7 @@
|
|||||||
# recognized or used by named.
|
# recognized or used by named.
|
||||||
#
|
#
|
||||||
# To use the built-in root key, set "dnssec-validation auto;" in the
|
# To use the built-in root key, set "dnssec-validation auto;" in the
|
||||||
# named.conf options or else leave "dnssec-validation" unset. If
|
# named.conf options, or else leave "dnssec-validation" unset. If
|
||||||
# "dnssec-validation" is set to "yes", then the keys in this file are
|
# "dnssec-validation" is set to "yes", then the keys in this file are
|
||||||
# ignored; keys will need to be explicitly configured in named.conf for
|
# ignored; keys will need to be explicitly configured in named.conf for
|
||||||
# validation to work. "auto" is the default setting, unless named is
|
# validation to work. "auto" is the default setting, unless named is
|
||||||
@ -14,22 +14,20 @@
|
|||||||
#
|
#
|
||||||
# This file is NOT expected to be user-configured.
|
# This file is NOT expected to be user-configured.
|
||||||
#
|
#
|
||||||
# These keys are current as of May 2018. If any key fails to
|
# Servers being set up for the first time can use the contents of this file
|
||||||
# initialize correctly, it may have expired. In that event you should
|
# as initializing keys; thereafter, the keys in the managed key database
|
||||||
# replace this file with a current version. The latest version of
|
# will be trusted and maintained automatically.
|
||||||
# bind.keys can always be obtained from ISC at https://www.isc.org/bind-keys.
|
|
||||||
#
|
#
|
||||||
# See https://data.iana.org/root-anchors/root-anchors.xml
|
# These keys are current as of Mar 2019. If any key fails to initialize
|
||||||
# for current trust anchor information for the root zone.
|
# correctly, it may have expired. In that event you should replace this
|
||||||
|
# file with a current version. The latest version of bind.keys can always
|
||||||
|
# be obtained from ISC at https://www.isc.org/bind-keys.
|
||||||
|
#
|
||||||
|
# See https://data.iana.org/root-anchors/root-anchors.xml for current trust
|
||||||
|
# anchor information for the root zone.
|
||||||
|
|
||||||
managed-keys {
|
managed-keys {
|
||||||
# This key (20326) was published in the root zone in 2017.
|
# This key (20326) was published in the root zone in 2017.
|
||||||
# Servers which were already using the old key (19036) should
|
|
||||||
# roll seamlessly to this new one via RFC 5011 rollover. Servers
|
|
||||||
# being set up for the first time can use the contents of this
|
|
||||||
# file as initializing keys; thereafter, the keys in the
|
|
||||||
# managed key database will be trusted and maintained
|
|
||||||
# automatically.
|
|
||||||
. initial-key 257 3 8 "AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3
|
. initial-key 257 3 8 "AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3
|
||||||
+/4RgWOq7HrxRixHlFlExOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kv
|
+/4RgWOq7HrxRixHlFlExOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kv
|
||||||
ArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgCmr3EgVLrjyBxWezF
|
ArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgCmr3EgVLrjyBxWezF
|
||||||
|
|||||||
48
bind.keys.h
48
bind.keys.h
@ -8,7 +8,7 @@
|
|||||||
# recognized or used by named.\n\
|
# recognized or used by named.\n\
|
||||||
#\n\
|
#\n\
|
||||||
# To use the built-in root key, set \"dnssec-validation auto;\" in the\n\
|
# To use the built-in root key, set \"dnssec-validation auto;\" in the\n\
|
||||||
# named.conf options or else leave \"dnssec-validation\" unset. If\n\
|
# named.conf options, or else leave \"dnssec-validation\" unset. If\n\
|
||||||
# \"dnssec-validation\" is set to \"yes\", then the keys in this file are\n\
|
# \"dnssec-validation\" is set to \"yes\", then the keys in this file are\n\
|
||||||
# ignored; keys will need to be explicitly configured in named.conf for\n\
|
# ignored; keys will need to be explicitly configured in named.conf for\n\
|
||||||
# validation to work. \"auto\" is the default setting, unless named is\n\
|
# validation to work. \"auto\" is the default setting, unless named is\n\
|
||||||
@ -17,22 +17,20 @@
|
|||||||
#\n\
|
#\n\
|
||||||
# This file is NOT expected to be user-configured.\n\
|
# This file is NOT expected to be user-configured.\n\
|
||||||
#\n\
|
#\n\
|
||||||
# These keys are current as of May 2018. If any key fails to\n\
|
# Servers being set up for the first time can use the contents of this file\n\
|
||||||
# initialize correctly, it may have expired. In that event you should\n\
|
# as initializing keys; thereafter, the keys in the managed key database\n\
|
||||||
# replace this file with a current version. The latest version of\n\
|
# will be trusted and maintained automatically.\n\
|
||||||
# bind.keys can always be obtained from ISC at https://www.isc.org/bind-keys.\n\
|
|
||||||
#\n\
|
#\n\
|
||||||
# See https://data.iana.org/root-anchors/root-anchors.xml\n\
|
# These keys are current as of Mar 2019. If any key fails to initialize\n\
|
||||||
# for current trust anchor information for the root zone.\n\
|
# correctly, it may have expired. In that event you should replace this\n\
|
||||||
|
# file with a current version. The latest version of bind.keys can always\n\
|
||||||
|
# be obtained from ISC at https://www.isc.org/bind-keys.\n\
|
||||||
|
#\n\
|
||||||
|
# See https://data.iana.org/root-anchors/root-anchors.xml for current trust\n\
|
||||||
|
# anchor information for the root zone.\n\
|
||||||
\n\
|
\n\
|
||||||
trusted-keys {\n\
|
trusted-keys {\n\
|
||||||
# This key (20326) was published in the root zone in 2017.\n\
|
# This key (20326) was published in the root zone in 2017.\n\
|
||||||
# Servers which were already using the old key (19036) should\n\
|
|
||||||
# roll seamlessly to this new one via RFC 5011 rollover. Servers\n\
|
|
||||||
# being set up for the first time can use the contents of this\n\
|
|
||||||
# file as initializing keys; thereafter, the keys in the\n\
|
|
||||||
# managed key database will be trusted and maintained\n\
|
|
||||||
# automatically.\n\
|
|
||||||
. 257 3 8 \"AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3\n\
|
. 257 3 8 \"AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3\n\
|
||||||
+/4RgWOq7HrxRixHlFlExOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kv\n\
|
+/4RgWOq7HrxRixHlFlExOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kv\n\
|
||||||
ArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgCmr3EgVLrjyBxWezF\n\
|
ArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgCmr3EgVLrjyBxWezF\n\
|
||||||
@ -51,7 +49,7 @@ trusted-keys {\n\
|
|||||||
# recognized or used by named.\n\
|
# recognized or used by named.\n\
|
||||||
#\n\
|
#\n\
|
||||||
# To use the built-in root key, set \"dnssec-validation auto;\" in the\n\
|
# To use the built-in root key, set \"dnssec-validation auto;\" in the\n\
|
||||||
# named.conf options or else leave \"dnssec-validation\" unset. If\n\
|
# named.conf options, or else leave \"dnssec-validation\" unset. If\n\
|
||||||
# \"dnssec-validation\" is set to \"yes\", then the keys in this file are\n\
|
# \"dnssec-validation\" is set to \"yes\", then the keys in this file are\n\
|
||||||
# ignored; keys will need to be explicitly configured in named.conf for\n\
|
# ignored; keys will need to be explicitly configured in named.conf for\n\
|
||||||
# validation to work. \"auto\" is the default setting, unless named is\n\
|
# validation to work. \"auto\" is the default setting, unless named is\n\
|
||||||
@ -60,22 +58,20 @@ trusted-keys {\n\
|
|||||||
#\n\
|
#\n\
|
||||||
# This file is NOT expected to be user-configured.\n\
|
# This file is NOT expected to be user-configured.\n\
|
||||||
#\n\
|
#\n\
|
||||||
# These keys are current as of May 2018. If any key fails to\n\
|
# Servers being set up for the first time can use the contents of this file\n\
|
||||||
# initialize correctly, it may have expired. In that event you should\n\
|
# as initializing keys; thereafter, the keys in the managed key database\n\
|
||||||
# replace this file with a current version. The latest version of\n\
|
# will be trusted and maintained automatically.\n\
|
||||||
# bind.keys can always be obtained from ISC at https://www.isc.org/bind-keys.\n\
|
|
||||||
#\n\
|
#\n\
|
||||||
# See https://data.iana.org/root-anchors/root-anchors.xml\n\
|
# These keys are current as of Mar 2019. If any key fails to initialize\n\
|
||||||
# for current trust anchor information for the root zone.\n\
|
# correctly, it may have expired. In that event you should replace this\n\
|
||||||
|
# file with a current version. The latest version of bind.keys can always\n\
|
||||||
|
# be obtained from ISC at https://www.isc.org/bind-keys.\n\
|
||||||
|
#\n\
|
||||||
|
# See https://data.iana.org/root-anchors/root-anchors.xml for current trust\n\
|
||||||
|
# anchor information for the root zone.\n\
|
||||||
\n\
|
\n\
|
||||||
managed-keys {\n\
|
managed-keys {\n\
|
||||||
# This key (20326) was published in the root zone in 2017.\n\
|
# This key (20326) was published in the root zone in 2017.\n\
|
||||||
# Servers which were already using the old key (19036) should\n\
|
|
||||||
# roll seamlessly to this new one via RFC 5011 rollover. Servers\n\
|
|
||||||
# being set up for the first time can use the contents of this\n\
|
|
||||||
# file as initializing keys; thereafter, the keys in the\n\
|
|
||||||
# managed key database will be trusted and maintained\n\
|
|
||||||
# automatically.\n\
|
|
||||||
. initial-key 257 3 8 \"AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3\n\
|
. initial-key 257 3 8 \"AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3\n\
|
||||||
+/4RgWOq7HrxRixHlFlExOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kv\n\
|
+/4RgWOq7HrxRixHlFlExOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kv\n\
|
||||||
ArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgCmr3EgVLrjyBxWezF\n\
|
ArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgCmr3EgVLrjyBxWezF\n\
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user