Nothing is ever set in stone that hard. Sorry they wrote scripts for it. All apologies they decided to use Elmer's glue instead of high tensile strength super carbon based cement. They will just have to amend those temp scripts with some test cases or you can write a compatibility shim with an expiration clause with an annoying warning message.
I recall spending a LOT of time with DNSSEC figuring out all the nonsense but like anything else stability and friendliness has to start somewhere. And development should not be impeded by adoption of bad practices. Fix the root cause not the symptom. -- Jason Hellenthal Voice: 95.30.17.6/616 JJH48-ARIN > On Mar 6, 2014, at 3:11, Evan Hunt <e...@isc.org> wrote: > >> On Thu, Mar 06, 2014 at 08:55:28AM +0100, Carsten Strotmann wrote: >> I agree that it might be nice to change "dnssec-keygen" to make the tool >> more userfriendly. The current state-of-things is because of historic >> developments in how DNSSEC came to birth. > > ...and lots of people dealing with dnssec-keygen's user-unfriendliness > by writing shell scripts to run it, which will break if we change its > interface now. A lot of old mistakes have gotten chiseled into stone > by that. > > I've long wanted to write a replacement for the zone key functions > of dnssec-keygen (or at least a sensible wrapper), so that DNSSEC > keys could be generated according to a configured policy rather > than command-line alphabet soup. > > For generating host keys, I suggest "ddns-confgen" rather than > "dnssec-keygen". > > -- > Evan Hunt -- e...@isc.org > Internet Systems Consortium, Inc. > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
