[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: where is the DNSSEC root key?

When unbound is installed, the root key is at /var/lib/unbound/root.key.

The init script updates it, if requsted, by way of unbound-anchor(8).

Ideally there would be a separate package each dnssec-aware package
could depend on which would maintain the root.key file.

For comparison, gentoo has a net-dns/dnssec-root package which
installs /etc/dnssec/root-anchors.txt and .xml.  That would be
a good precedent to follow.

James Cloos <cloos@jhcloos.com>         OpenPGP: 1024D/ED7DAEA6

Reply to: