upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-28 04:34:54 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

[9.20] new: doc: Clarify how to print default dnssec-policy

Browse source 
Backport of MR !9092

Merge branch 'backport-pspacek/doc-dnssec-policy-default-9.20' into 'bind-9.20'

See merge request isc-projects/bind9!9225
This commit is contained in:
Petr Špaček 2024-08-02 09:15:30 +00:00
commit 7939166564
1 changed files with 3 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
doc/arm/reference.rst
View file

@ -6388,10 +6388,9 @@ propagating DS updates.
.. _dnssec_policy_default:
Policy ``default`` causes the zone to be signed with a single combined-signing
key (CSK) using algorithm ECDSAP256SHA256; this key has an unlimited
lifetime. (A verbose copy of this policy may be found in the source
tree, in the file ``doc/misc/dnssec-policy.default.conf``.)
The policy ``default`` causes the zone to be signed with a single combined-signing
key (CSK) using the algorithm ECDSAP256SHA256; this key has an unlimited
lifetime. This policy can be displayed using the command :option:`named -C`.
.. note:: The default signing policy may change in future releases.
This could require changes to a signing policy when upgrading to a