Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
BIND
BIND
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 631
    • Issues 631
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Merge Requests 105
    • Merge Requests 105
  • CI / CD
    • CI / CD
    • Pipelines
    • Jobs
    • Schedules
  • Operations
    • Operations
    • Incidents
    • Environments
  • Packages & Registries
    • Packages & Registries
    • Container Registry
  • Analytics
    • Analytics
    • CI / CD
    • Repository
    • Value Stream
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Members
    • Members
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • ISC Open Source Projects
  • BINDBIND
  • Issues
  • #2027

Closed
Open
Opened Jul 14, 2020 by JP Mens@jpmensContributor

Slightly misleading diagnostic when revoked key is removed from managed-keys zone

I observe what for me is a slightly misleading diagnostic when BIND (9.16.4) deletes a revoked key from managed-keys.bind:

managed-keys-zone: Revoked key 53742 for zone . missing: deleting from managed keys database

It says missing, but in fact is isn't: 53742 is still in the zone:

.                       60 IN DNSKEY 385 3 8 (
                                AwEAAaCmQX9L+/G3j3wOJYG55AfUA3mSEl8sCpwU1X58
                                8fRVkvm9tjy00FXJFI6okAIerPOlnmNaV/s5ySY0wot9
                                O8c655G6ajbiwP55paE35oSOEZL+jAbW6/WRh9Y+Mxat
                                AhJAjmauVUQqWcEfZ61x9T4G91RevT5pXmwUGB/fVRTx
                                I8T3vdN2ycv45wHczGxqXYThel6R/V1RWHBQkqRZqqQV
                                tIfyPZz9risEtnhp6IzTJGBesDkIZVIsIc2DZ5g3FqBw
                                /Xr0SQiko06HiZIT4z29MTHrIbnrzvXQkejSBRQX+Nal
                                0sxFV7ZeXqMhmQWSiAhNuR4ypcRa7lhq57WDIM8=
                                ) ; revoked KSK; alg = RSASHA256 ; key id = 53742

I wonder whether something along the lines of

Revoked key 53742 for zone . is no longer required: deleting from managed keys database

would be clearer?

Assignee
Assign to
September 2020 (9.11.23, 9.11.23-S1, 9.16.7, 9.17.5)
Milestone
September 2020 (9.11.23, 9.11.23-S1, 9.16.7, 9.17.5) (Past due)
Assign milestone
Time tracking
None
Due date
None
Reference: isc-projects/bind9#2027