[Unbound-users] root key format
wouter at nlnetlabs.nl
Tue May 15 08:37:14 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
On 05/09/2012 07:59 PM, Paul Wouters wrote:
> On Wed, 9 May 2012, Jan-Piet Mens wrote:
>>> I would like to ship 1 file format that can be used for both.
>>> Am I overlooking something?
>> The rdata portion is identical in both cases, so you could ship
>> that and "build" the format you need upon initializing your
>> application. Would that work?
> Ideally, I would like to ship one format of the root key, usuable
> by any application, not just unbound. I had hoped that the format
> everyone would decide on was the trusted-key statement in bind
> I'm trying to avoid shipping the root key in various tools and
> With respect to unbound, it would be nice if the daemon and the
> library could settle on 1 format to use.
int ub_ctx_trustedkeys(struct ub_ctx* ctx, char* fname);
This loads bind-style trusted keys from the libunbound library.
I would prefer the 'auto-trust-anchor-file' format, which is not
usable by bind, but it supports RFC5011.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
More information about the Unbound-users