Maintained by: NLnet Labs

[Unbound-users] Using negative trust anchors with libunbound

Christopher K. Brown
Tue May 20 07:52:48 CEST 2014


I see in the 1.4.21 release notes that using the insecure_add and insecure_remove commands with the unbound_control command appears to allow one to make a domain "insecure" on the fly, and then remove the insecure flag on the fly in a running server

Is there an analogous functionality with libunbound?  The "domain-insecure" option in ub_ctx_set_option caught my eye, but I'm not sure how "on the fly" that is or exactly how one would remove the domain from being insecure.  Or is there some way to use ub_ctx_add_ta to both add and remove a negative ta?

Thanks in advance for any hints.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>