Update: Validation Easy Start Explained
This section still references managed-keys as of 9.16.16. It needs to be updated to refer to trust-anchors
.
Also delv does not consult the managed-keys database maintained by named, which means that if either of the keys in /etc/bind.keys is revoked and rolled over, /etc/bind.keys must be updated to use DNSSEC validation in delv.
is out of date.