[Opendnssec-develop] Config question

Alexd at nominet.org.uk Alexd at nominet.org.uk
Tue Aug 4 08:03:54 UTC 2009

Hi -

I've been looking at Pivotal issue 1018973. I have some questions 
regarding the system configuration - sorry if the answers are written 
down; I couldn't find them.

Currently, the auditor uses zonelist.xml to find the <zone_config>.xml 
files for each zone, and do the auditing. This is apparently not good.

So, I can look at conf.xml, kasp.xml and zonelist.xml, and get most of the 
info from there. However, these files do not specify the salt - this is 
potentially added from the DB, and not stored anywhere other than 
<zone_config.xml>. So, I don't think it's possible to write the auditor 
without checking this file, unless the salt is queried directly from the 

Should the auditor be checking the DB?

Should the salt be stored somewhere the auditor can get it? Or should that 
be the only information lifted from <zone_config.xml>?


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendnssec.org/pipermail/opendnssec-develop/attachments/20090804/51105ca1/attachment.htm>

More information about the Opendnssec-develop mailing list