DNSSEC, views & trusted keys...

Phil Mayers p.mayers at imperial.ac.uk
Thu Sep 9 17:06:12 UTC 2010

On 09/09/2010 03:45 PM, Timothe Litt wrote:

> There is other advice in the ARM that says to put 'your organization's
> public keys in the trusted-keys list'.  That doesn't help - and in fact,
> confuses me even more since example.net has TWO different public keys - one
> for each view.  And trusted-keys is a global server option...
> I must be missing something.

I don't think so. Currently AFAICT bind will not set AD on authoritative 
zones, with any combination of options.

More information about the bind-users mailing list