[ksk-rollover] new root trust anchor confirmation
Evan Hunt
each at isc.org
Tue Aug 15 23:47:54 UTC 2017
On Tue, Aug 15, 2017 at 07:54:55PM +0000, Paul Hoffman wrote:
> On Aug 10, 2017, at 2:03 PM, Evan Hunt <each at isc.org> wrote:
> > If you run a recent BIND, "rndc managed-keys status"
>
> That works in BIND 9.11.x; is there any equivalent for BIND 9.10.x, which
> is still much more prevalent in distros?
"rndc secroots" will dump a list of trusted keys, and the managed-keys.bind
file is readable and has comments that indicate whether trust is pending or
active for each key.
--
Evan Hunt -- each at isc.org
Internet Systems Consortium, Inc.
More information about the ksk-rollover
mailing list