On Thu Feb 08 09:10:07 2018, muks wrote:
> On Thu, Nov 17, 2016 at 03:56:57AM +0000, Mark Andrews via RT wrote:
> > Warning for "." and "dlv.isc.org" when they match the built-in
> > managed keys would be appropriate.
>
> Somehow this ticket seems to have dropped off the radar.
>
> Please review rt43670.
>
> Mukund
>

No!!! Named is used in private networks where trusted-keys for the root is perfectly appropriate. dlv.isc.org already has plenty of warnings.

A warning for a trusted-key for "." which matches the to be removed key without the added key already being present would be the point where I would issue a warning. Anything else is going to generate noise or is us enforcing our policy ideas on the operator.

Also all this code should be in lib/bind9/check.c