Latitude <[email protected]> wrote: > > Should DNSSEC key signing keys and zone signing keys also be located in a > directory inside the /dynamic directory? Would it be acceptable to have them > in a directory such as /var/named/chroot/etc/keys/dnssec?
On my master server I have zone files and journals in a .../zone/ directory writable by named, and DNSSEC keys in a different .../key/ directory read-only for named, but writable by a semi-privileged user that is responsible for key maintenance. Tony. -- f.anthony.n.finch <[email protected]> http://dotat.at/ - I xn--zr8h punycode Shannon: Variable 3, becoming west 4 or 5. Moderate. Occasional drizzle. Moderate or good. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users
