[Opendnssec-user] *WARNING* message
Siôn Lloyd
sion at nominet.org.uk
Fri Jan 6 08:43:04 UTC 2012
On 05/01/12 12:56, Fredrik Pettai wrote:
> Ok, I'm not 100% sure how I should interpret this warning:
>
> # ods-ksmutil key rollover --zone eduid.se --keytype ZSK
> SQLite database set to: /var/opendnssec/kasp.db
> *WARNING* This zone shares keys with others, all instances of the active key on this zone will be retired; are you sure? [y/N] N
> Okay, quitting...
>
> Isn't it just one instance of the active (ZSK) key for my zone? Does it mean that the other zones using the same key will continue as normal? Maybe this warning message could be written in a better way.
>
> Re,
> /P _______________________________________________
> Opendnssec-user mailing list
> Opendnssec-user at lists.opendnssec.org
> https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
The message is confusing, I'll reword it.
What it means is that every zone that shares this key will be rolled.
(The fact that the rollover command is being used to force a roll is
taken as an indicator that this key is no longer trusted.)
Sion
More information about the Opendnssec-user
mailing list