From: Philip Prindeville Date: Thu, 28 Oct 2021 03:45:59 +0000 (-0600) Subject: bind: deprecate managed-keys X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=refs%2Fpull%2F17003%2Fhead;p=feed%2Fpackages.git bind: deprecate managed-keys This has been replaced with the "trust-anchors" keyword, per section 8.21.1 New Features of the Bind 9 Administrator Reference Manual: • In order to clarify the configuration of DNSSEC keys, the trusted-keys and managed-keys statements have been deprecated, and the new trust-anchors statement should now be used for both types of key. When used with the keyword initial-key, trust-anchors has the same behavior as managed-keys, i.e., it configures a trust anchor that is to be maintained via RFC 5011. When used with the new keyword static-key, trust-anchors has the same behavior as trusted-keys, i.e., it configures a permanent trust anchor that will not automatically be updated. (This usage is not recommended for the root key.) [GL #6] Signed-off-by: Philip Prindeville --- diff --git a/net/bind/files/bind/bind.keys b/net/bind/files/bind/bind.keys index db22d4bc03..931ebf98c6 100644 --- a/net/bind/files/bind/bind.keys +++ b/net/bind/files/bind/bind.keys @@ -19,7 +19,7 @@ # replace this file with a current version. The latest version of # bind.keys can always be obtained from ISC at https://www.isc.org/bind-keys. -managed-keys { +trust-anchors { # ISC DLV: See https://www.isc.org/solutions/dlv for details. # # NOTE: The ISC DLV zone is being phased out as of February 2017;