From a39a8372b37e695d20f287d26c3cd8179100a97b Mon Sep 17 00:00:00 2001 From: Philip Prindeville Date: Wed, 27 Oct 2021 21:45:59 -0600 Subject: [PATCH] bind: deprecate managed-keys MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This has been replaced with the "trust-anchors" keyword, per section 8.21.1 New Features of the Bind 9 Administrator Reference Manual: • In order to clarify the configuration of DNSSEC keys, the trusted-keys and managed-keys statements have been deprecated, and the new trust-anchors statement should now be used for both types of key. When used with the keyword initial-key, trust-anchors has the same behavior as managed-keys, i.e., it configures a trust anchor that is to be maintained via RFC 5011. When used with the new keyword static-key, trust-anchors has the same behavior as trusted-keys, i.e., it configures a permanent trust anchor that will not automatically be updated. (This usage is not recommended for the root key.) [GL #6] Signed-off-by: Philip Prindeville --- net/bind/files/bind/bind.keys | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/bind/files/bind/bind.keys b/net/bind/files/bind/bind.keys index db22d4bc0..931ebf98c 100644 --- a/net/bind/files/bind/bind.keys +++ b/net/bind/files/bind/bind.keys @@ -19,7 +19,7 @@ # replace this file with a current version. The latest version of # bind.keys can always be obtained from ISC at https://www.isc.org/bind-keys. -managed-keys { +trust-anchors { # ISC DLV: See https://www.isc.org/solutions/dlv for details. # # NOTE: The ISC DLV zone is being phased out as of February 2017;