[Opendnssec-develop] Key (HSM) backup
Jakob Schlyter
jakob at kirei.se
Thu Aug 13 07:29:06 UTC 2009
On 13 aug 2009, at 09.25, sion at nominet.org.uk wrote:
> So the default is to be able to use keys that are not backed up? I
> thought
> that this was the less desirable option...
in theory yes, but for any practical use no. so I vote for the default
to use keys before backup (and clearly state in the default config
file how to enable backup checking)
> Anyway, I'll make sure that a suitably apocalyptic message is logged
> if a
> non-backed up key becomes active.
right!
j
More information about the Opendnssec-develop
mailing list