[Opendnssec-develop] delete keys

Siôn Lloyd sion at nominet.org.uk
Thu Jan 5 08:38:57 UTC 2012


On 05/01/12 08:30, Rickard Bellgrim wrote:
>> This story was both assigned and reported by me; so we need a volunteer to
>> test the code and close or reopen the issue.
> I can take it

Thank you.

>> One question is whether we should remove documentation for the --force flag;
>> or if we should remove that functionality completely? Currently, if the key
>> is not in the generate or dead state then the script exits... unless the
>> --force flag is provided, in which case they are asked if they really want
>> to continue.
> Is there a use case for having the --force flag?
>

Test environments maybe?

Published keys that have not become active (maybe if you lose access to 
them or want to increase the key length?)

If you have multiple active keys in parallel?

So no good use cases.

Sion



More information about the Opendnssec-develop mailing list