do not stupidly delete ZSK files

Evan Hunt each at
Thu Jul 30 17:37:57 UTC 2015

On Thu, Jul 30, 2015 at 10:30:33AM -0700, David Newman wrote:
> After that second procedure (and also chown'ing the keyfiles to the bind
> user), the command 'dig +dnssec +multi dnskey' gives
> different results depending on which nameserver gets the query:
> Hidden primary (not authoritative for this zone): Key still in zone

... sorry, I'm confused. Which of the servers is doing the signing?


More information about the bind-users mailing list