[Yeti DNS Discuss] Yeti KSK revoke status

Daniel Stirnimann daniel.stirnimann at switch.ch
Wed Aug 31 11:30:13 UTC 2016


Thank you Kevin

> for BIND 9:
> cd /path/to/managed-key-dir/
> cat $(ls -t *.mkeys|head -1) # find the latest managed keys

I must admit, I really like the new rndc managed-keys command in the
upcoming BIND 9.11:

rndc managed-keys status
view: default
next scheduled event: Wed, 31 Aug 2016 22:56:44 GMT

    name: .
    keyid: 56082
	algorithm: RSASHA256
	flags: REVOKE SEP
	next refresh: Wed, 31 Aug 2016 22:56:44 GMT
	remove at: Thu, 29 Sep 2016 15:04:45 GMT
	trust revoked
    keyid: 19444
	algorithm: RSASHA256
	flags: SEP
	next refresh: Wed, 31 Aug 2016 22:56:44 GMT
	trusted since: Wed, 10 Aug 2016 15:41:29 GMT
    keyid: 55954
	algorithm: RSASHA256
	flags: SEP
	next refresh: Wed, 31 Aug 2016 22:56:44 GMT
	trust pending: Fri, 30 Sep 2016 06:11:53 GMT

Daniel

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.yeti-dns.org/pipermail/discuss/attachments/20160831/4fdb7d3d/attachment.bin>


More information about the discuss mailing list