> unbound wants to write to that file to keep it current. Sorry for asking as I am not so much into root.key and package updates. However I do not understand that sentence yet and I am terrible curious. >From the user perspective: The user needs a current root.key file to do validation. What is the difference whether that happens via a package update/backport, or unbound-anchor, or both? In other words, if unbound- anchor writes to "/usr/share/dns/root.key", why is that bad? If dns- root-data is updated/backported and writes to the very same file, why is that bad? In both cases, a different technology is used to get a current root.key. Does that qualify to separate things?
Furthermore, I am not sure about the role of the package dns-root-data, yet. I am asking because the answer could void my workaround D. dns- root-data was/is never backported. Uhh? Did I understand that correctly? unbound-anchor needs a working and valid starting point. What happens when the package dns-root-data is so terrible outdated that unbound- anchor cannot use it as starting point anymore? In other words: I do not understand why Debian world needs RFC 5011 when they have a much "better" update mechanism already, the package management. It is nice to have unbound-anchor (and its RFC 5011) as well, but isn’t the Debian/Ubuntu package management better and therefore should be the primary choice? A symlink would create that "primary", I thought. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1771545 Title: root.key might be missing To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/unbound/+bug/1771545/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
