-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi B, Paul, > On Thu, 18 Sep 2008, B C wrote: >> Is there a way to get unbund to re-read it's trust anchors or does this >> require a restart of unbound? If this doesn't already exist I think it would >> be a very useful feature to be able to send a signal to unbound and tell it >> to re-read all it's dnssec keys files. A reload suffices: kill -HUP `cat ...unbound.pid` or unbound-control reload Paul Wouters wrote: > That might be more complicated then it sounds? What do you do for records > that no longer have a trust record which are in cache? Or records that > might become validated/invalidated due to changes in the trust path? The cache is cleared. That prevents your concerns. Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkjTTBMACgkQkDLqNwOhpPiVWgCeNxxn7w8heCdWiBecwGD52LZU caEAnRSWVcQE0Ndn6cTe1WIKoO5TiP7u =mWpG -----END PGP SIGNATURE-----