[Opendnssec-develop] Importing shared keys
Sion Lloyd
sion at nominet.org.uk
Wed Jul 21 08:59:10 UTC 2010
I'm getting through the shared keys work and am beginning to get to some of
the things that I hadn't thought about before. So this may be the first of
many questions...
What would people like to see happen on key import? Currently you need to
specify a zone to import the key onto, and then we have a choice:
Make this key available to other zones on the policy,
or
don't.
The simplest thing is to make it available, but are there reasons why we may
not want to do this?
On this note, are there any reasons to have an "import onto policy" function
where you can import a key in a particular state and it will appear in that
state in all zones on that policy? (Currently the key would be in the imported
state on the zone it was imported on, and just in the general pool of unused
keys for all other zones.)
Cheers,
Sion
More information about the Opendnssec-develop
mailing list