On Thu, Feb 08, 2018 at 10:08:32PM +0000, Mark Andrews via RT wrote:
> On Thu Feb 08 09:10:07 2018, muks wrote:
> > On Thu, Nov 17, 2016 at 03:56:57AM +0000, Mark Andrews via RT wrote:
> > > Warning for "." and "dlv.isc.org" when they match the built-in
> > > managed keys would be appropriate.
> >
> > Somehow this ticket seems to have dropped off the radar.
> >
> > Please review rt43670.
> >
> > Mukund
> >
>
> No!!! Named is used in private networks where trusted-keys for the root
> is perfectly appropriate.
>
> dlv.isc.org already has plenty of warnings.
>
> A warning for a trusted-key for "." which matches the to be removed
> key without the added key already being present would be the point
> where I would issue a warning. Anything else is going to generate
> noise or is us enforcing our policy ideas on the operator.
>
> Also all this code should be in lib/bind9/check.c

OK. I checked the code that was merged and it looks like a better way to handle it.

Mukund