Hello,
In my unbound.conf I have:
...
trust-anchor-file: "/usr/local/etc/unbound/ancoras/br.anchor"
trust-anchor-file:
"/usr/local/etc/unbound/ancoras/dlv.isc.org.anchor"
...
But I saw in Chris Griffiths message:
...
trust-anchor-file: "/etc/unbound/anchors/br.anchor"
trust-anchor-file: "/etc/unbound/anchors/se.anchor"
trust-anchor-file: "/etc/unbound/anchors/bg.anchor"
trust-anchor-file: "/etc/unbound/anchors/pr.anchor"
trust-anchor-file: "/etc/unbound/anchors/cz.anchor"
...
My question is about how many trusted keys for validation must I use? And,
if I manage about 200 domains, must I take care about them in my recursive
servers, including its trusted keys? Are there security additional advantage
to take care in anchor .br, .se, .bg and so on?
Thank you,
JB
_______________________________________________
Unbound-users mailing list
[email protected]
http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
