>From reading the documentation, the difference between trust-anchor-file and >auto-trust-anchor-file is that the former is manually managed, the latter open >to Automated Updates (RFC 5011) management - is that correct?
Is the use of trust-anchor-file for the public root zone KSK popular? Do folks use it much at all (regardless of zone)? The same for trust-anchor statements, which appear to be in-line of the configuration file. I'm writing a howto to use an upcoming ICANN-provided testbed for Automated Updates testing. I'm not sure if I need to cover cases where someone currently uses unbound in a manually-managed trust anchor set manner. I'm prompted to ask because I haven't seen many training materials for unbound that feature the manual trust anchor database management options.
smime.p7s
Description: S/MIME cryptographic signature
