[Opendnssec-user] DelegationSignerSubmitCommand key identification

Daniel Salzman daniel.salzman at nic.cz
Fri May 11 12:27:50 UTC 2012


I am trying to set up automatic KSK rollover with OpenDNSSEC. If I use 
DelegationSignerSubmitCommand option
for starting my external program, I am missing any information about key 
identifier relating to DNSKEY record,
that should be subsequently used for key ds-seen. Although there is 
possibility to compute key_id manually,
this is not ideal approach due to ambiguity. It would be useful to add 
CKA_ID in comment to DelegationSignerSubmitCommand
parameter (if required in configuration).


More information about the Opendnssec-user mailing list