Matthijs Mekking 375112a623 Add built-in dnssec-policy "insecure" ... Add a new built-in policy "insecure", to be used to gracefully unsign a zone. Previously you could just remove the 'dnssec-policy' configuration from your zone statement, or remove it. The built-in policy "none" (or not configured) now actually means no DNSSEC maintenance for the corresponding zone. So if you immediately reconfigure your zone from whatever policy to "none", your zone will temporarily be seen as bogus by validating resolvers. This means we can remove the functions 'dns_zone_use_kasp()' and 'dns_zone_secure_to_insecure()' again. We also no longer have to check for the existence of key state files to figure out if a zone is transitioning to insecure. (cherry picked from commit 2710d9a11d)		2021-04-30 13:58:22 +02:00
..
dns	Add built-in dnssec-policy "insecure"	2021-04-30 13:58:22 +02:00
dst	Stop including <gssapi.h> from <dst/gssapi.h> header	2021-02-16 12:08:21 +11:00
.clang-format	Merge branch '46-enforce-clang-format-rules' into 'master'	2020-02-14 08:45:59 +00:00
Makefile.in	Remove $Id markers, Principal Author and Reviewed tags from the full source tree	2018-05-11 13:17:46 +02:00