Latitude <arlendelcasti...@gmail.com> wrote: > > Should DNSSEC key signing keys and zone signing keys also be located in a > directory inside the /dynamic directory? Would it be acceptable to have them > in a directory such as /var/named/chroot/etc/keys/dnssec?
On my master server I have zone files and journals in a .../zone/ directory writable by named, and DNSSEC keys in a different .../key/ directory read-only for named, but writable by a semi-privileged user that is responsible for key maintenance. Tony. -- f.anthony.n.finch <d...@dotat.at> http://dotat.at/ - I xn--zr8h punycode Shannon: Variable 3, becoming west 4 or 5. Moderate. Occasional drizzle. Moderate or good. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users