> Then why was anchors2keys written to create only trusted-keys?<GRIN>?
My guess is because managed-keys was only introduced in BIND 9.7, and
they wanted to be able to support 9.6 as well.
> It doesn't look hard to modify the script, but there appears to be
> subtle differences in syntax between the two data types.
The difference is the addition of an extra keyword immediately after the
zone name: "initial-key". So whereas the trusted-keys statement for the
root zone looks like this:
trusted-keys {
. 257 3 8 "[gibberish]";
};
The equivalent managed-keys statement is:
managed-keys {
. initial-key 257 3 8 "[gibberish]";
};
(The extra keyword is there because we were thinking we might want to
extend the syntax someday and add other methods for intiializing trust
anchors.)
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
