[Opendnssec-develop] Key (HSM) backup
jakob at kirei.se
Wed Aug 12 20:23:53 UTC 2009
On 12 aug 2009, at 14.46, sion at nominet.org.uk wrote:
>> Yeah, have a tag similar to <NoBackup />
>> The reason to have a negative tag is because you want to opt-in the
>> security features.
>> Is this tag then for
> Or even a property of the repository?
yes, that makes sense. perhaps something like this:
Configuration/RepositoryList/Repository/RequireBackup (empty element)
it is a feature you turn on. most people will assume that they don't
have to flag keys as backed up so the default should be off IMHO.
More information about the Opendnssec-develop