Matthijs Mekking bbfdcc36c8 Add inline-signing to dnssec-policy ... Add an option to enable/disable inline-signing inside the dnssec-policy clause. The existing inline-signing option that is set in the zone clause takes priority, but if it is omitted, then the value that is set in dnssec-policy is taken. The built-in policies use inline-signing. This means that if you want to use the default policy without inline-signing you either have to set it explicitly in the zone clause: zone "example" { ... dnssec-policy default; inline-signing no; }; Or create a new policy, only overriding the inline-signing option: dnssec-policy "default-dynamic" { inline-signing no; }; zone "example" { ... dnssec-policy default-dynamic; }; This also means that if you are going insecure with a dynamic zone, the built-in "insecure" policy needs to be accompanied with "inline-signing no;".		2023-08-01 06:55:48 +00:00
..
arm	Obsolete dnssec-update-mode	2023-07-20 12:44:19 +02:00
design	Remove auto-dnssec from documentation	2023-07-20 11:04:24 +02:00
dev	Remove trailing whitespace from all text files	2023-06-13 15:05:40 +02:00
dnssec-guide	Remove auto-dnssec from documentation	2023-07-20 11:04:24 +02:00
doxygen	Remove trailing whitespace from all text files	2023-06-13 15:05:40 +02:00
man	Remove pregenerated manpages from the repo	2023-02-10 11:24:03 +01:00
misc	Add inline-signing to dnssec-policy	2023-08-01 06:55:48 +00:00
notes	Add release note and CHANGES for #3672	2023-07-20 12:44:19 +02:00
Makefile.am	Remove pregenerated manpages from the repo	2023-02-10 11:24:03 +01:00