upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-20 08:55:17 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
bind9/bind.keys
Evan Hunt 15b0ff5036 clean up bind.keys 
the comments in the bind.keys file were outdated; the file now only
exists to be converted into bind.keys.h and compiled into named and
delv.

some tests also referenced it, and have been cleaned up, since
the keys in it are already built into named.
2025-10-10 17:41:07 -07:00

43 lines
2 KiB
Text
Raw Blame History

# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
#
# SPDX-License-Identifier: MPL-2.0
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, you can obtain one at https://mozilla.org/MPL/2.0/.
#
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.
# This file contains trust anchors for the DNS root zone (".") which are
# compiled into named and delv. No other trust anchors can be configured
# here.
#
# These keys are current as of October 2025. If any key fails to
# initialize correctly, it may have expired. This should not occur if
# BIND is kept up to date.
#
# See https://data.iana.org/root-anchors/root-anchors.xml for current trust
# anchor information for the root zone.
trust-anchors {
# This key (20326) was published in the root zone in 2017, and
# is scheduled to be phased out starting in 2025. It will remain
# in the root zone until some time after its successor key has
# been activated. It will remain this file until it is removed
# from the root zone.
. initial-key 257 3 8 "AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3
+/4RgWOq7HrxRixHlFlExOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kv
ArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgCmr3EgVLrjyBxWezF
0jLHwVN8efS3rCj/EWgvIWgb9tarpVUDK/b58Da+sqqls3eNbuv7pr+e
oZG+SrDK6nWeL3c6H5Apxz7LjVc1uTIdsIXxuOLYA4/ilBmSVIzuDWfd
RUfhHdY6+cn8HFRm+2hM8AnXGXws9555KrUB5qihylGa8subX2Nn6UwN
R1AkUTV74bU=";
# This key (38696) will be pre-published in the root zone in 2025
# and is scheduled to begin signing in late 2026. At that time,
# servers which were already using the old key (20326) should roll
# seamlessly to this new one via RFC 5011 rollover.
. initial-ds 38696 8 2 "683D2D0ACB8C9B712A1948B27F741219298D0A450D612C483AF444A
4C0FB2B16";
};
Reference in a new issue View git blame Copy permalink