Jason Hellenthal <[email protected]> wrote: > > I recall spending a LOT of time with DNSSEC figuring out all the > nonsense but like anything else stability and friendliness has to start > somewhere. And development should not be impeded by adoption of bad > practices. Fix the root cause not the symptom.
dnssec-keygen actually has quite sane defaults, but unfortunately the man page is not great at saying which options can be ignored because they are cruft from the 1990s. It could do with better examples too. Tony. -- f.anthony.n.finch <[email protected]> http://dotat.at/ South Utsire, Forties: Southwesterly 5 to 7, perhaps gale 8 later. Moderate or rough. Rain. Moderate or poor. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users
