Hi, I'm running a DNS resolver using Unbound (OpenBSD 5.8-stable AMD64) with the auto-trust-anchor-file option set. This results in daily updates of the /var/unbound/db/root.key file (only comments are changed). Unfortunately this file is also checked via the security(8) script, which results in getting an insecurity output mail every day (Cry Wolf problem). Is there a way to exclude the comments in the checks or the complete root.key file?
Kind regards, Martijn Rijkeboer
