Hi, On 10/29/2012 05:20 PM, Ben Walton wrote:
>>> configure: WARNING: >>> *** >>> *** The DNSSEC root key file in /etc/unbound/root.key was not found. >>> *** This file is needed for the verification of DNSSEC responses. >>> *** Use the command: unbound-anchor -a "/etc/unbound/root.key" >>> *** to generate or update it. >>> *** >> >> Any advice on how we should handle this? Add the key to libunbound2? >> Ihsan? > > My initial reaction to this was that including the "config" file in > the library package wasn't the right thing to do, but after reading > about it and thinking some more, I think your suggestion is ok. > Originally I thought a -data package to deliver this (and similar > files from unbound if they exist) might be a better option but that > seems to heavy and counter-productive. > > The recipe for unbound could automate creating root.key at every > re-spin using the procedure described here: > http://www.unbound.net/documentation/howto_anchor.html When I started to package Unbound in 2009, DNSSEC was still experimental and there was no root key yet. I will include the key in the future build. Thanks for pointing on this. Ihsan -- [email protected] http://blog.dogan.ch/ _______________________________________________ maintainers mailing list [email protected] https://lists.opencsw.org/mailman/listinfo/maintainers .:: This mailing list's archive is public. ::.
