How does the new-in-9.16 dnssec-policy interact with views - in
particular for key generation/rollover?
For example, we have a zone defined in multiple views with different
contents (and thus not suitable for in-view), being signed by the same
set of keys (currently maintained by dnssec-keymgr) - this allows us to
publish only a single set of DS records for that zone.
If a zone 'example.net' is defined in view 'a', and a zone 'example.net'
is defined in view 'b', but both views share a single key-directory, is
it 'safe' to configure dnssec-policy in both views?
Graham
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
