Jelte Jansen
2015-04-06 19:49:53 UTC
Hi,
not too long ago two new commands appeared in unbound-control;
insecure_add and insecure_remove, to manage negative trust anchors.
These are great and I want to make use of them, but I could not find a
way to list the current negative trust anchors, which would be a very
useful command as well for what I'm thinking of.
I've attached a patch that adds a list_insecure option; it goes through
the anchors and prints the domain name of each anchor without DS or
DNSKEY records.
Please consider this for inclusion in the next release. Or, if I am
simply blind and such an option did exist already, please ignore this
patch and kindly point me in the right direction :)
Jelte
not too long ago two new commands appeared in unbound-control;
insecure_add and insecure_remove, to manage negative trust anchors.
These are great and I want to make use of them, but I could not find a
way to list the current negative trust anchors, which would be a very
useful command as well for what I'm thinking of.
I've attached a patch that adds a list_insecure option; it goes through
the anchors and prints the domain name of each anchor without DS or
DNSKEY records.
Please consider this for inclusion in the next release. Or, if I am
simply blind and such an option did exist already, please ignore this
patch and kindly point me in the right direction :)
Jelte